CVE-2015-1514
FancyFon FAMOC is affected by SQL injection vulnerabilities in versions prior to 3.17.4. The flaws permit remote SQL command execution via the device ID REST parameter (PATH_INFO) to /ajax.php and via the order parameter to index.php. Root cause: inadequate input filtering on these parameters. Im...