Yii 'findByCondition' Function SQL Injection Vulnerability
Yii is the Yii team developed a set of component-based , high-performance PHP framework for developing large-scale Web applications . A SQL injection vulnerability exists in the 'findByCondition' function in the framework/db/ActiveRecord.php file in version 2.x of Yii before 2.0.15. A remote...