2 matches found
CVE-2019-7726
modules/banners/funcs/click.php in NukeViet before 4.3.04 has a SQL INSERT statement with raw header data from an HTTP request e.g., Referer and User-Agent...
CVE-2019-7726
CVE-2019-7726 affects NukeViet prior to 4.3.04. The affected code path is in modules/banners/funcs/click.php, where a SQL INSERT statement incorporates raw header data from HTTP requests (e.g., Referer and User-Agent). The underlying issue is SQL injection risk due to unsanitized header input bei...