FlameCMS login.php file SQL injection vulnerability
FlameCMS is an open source PHP-based content management system CMS. A SQL injection vulnerability exists in the account/login.php file in FlameCMS version 3.3.5. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. An attacker can...