CVE-2015-2237
Betster (also known as PHP Betoffice) 1.0.4 contains multiple SQL injection vulnerabilities exploitable via the id parameter in showprofile.php or categoryedit.php, and the username parameter in login (index.php). The vulnerabilities allow remote attackers to execute arbitrary SQL commands, with ...