1 matches found
Sql injection
CommSy through 8.6.5 has SQL Injection via the cid parameter. This is fixed in 9.2...