CVE-2014-9528
CVE-2014-9528 affects HumHub 0.10.0-rc.1 and earlier. The vulnerability is a SQL injection in the actionIndex function of protected/modules_core/notification/controllers/ListController.php, exploitable by remote authenticated users via the from parameter to index.php. The issue may also enable cr...