CVE-2020-12461
Summary: CVE-2020-12461 affects PHP-Fusion 9.03.50 and allows SQL Injection via the sort_order GET parameter on members.php, due to insufficient protection in maincore.php. Multiple connected sources corroborate the vulnerability and its impact on SQL semantics after ORDER BY, with references ind...