2 matches found
CVE-2021-46459
Victor CMS v1.0 was discovered to contain multiple SQL injection vulnerabilities in the component admin/users.php?source=adduser. These vulnerabilities can be exploited through a crafted POST request via the username, userfirstname,userlastname, or useremail parameters...
CVE-2021-46459
CVE-2021-46459 affects Victor CMS v1.0. Multiple SQL injection vulnerabilities exist in the admin/users.php?source=add_user component, exploitable via crafted POST requests to parameters user_name, user_firstname, user_lastname, or user_email. Root cause stated: lack of input validation in SQL st...