CVE-2023-2420 MLECMS common.func.php get_url sql injection

A vulnerability was found in MLECMS 3.0. It has been rated as critical. This issue affects the function geturl in the library /upload/inc/lib/admin of the file upload\inc\include\common.func.php. The manipulation of the argument $SERVER'REQUESTURI' leads to sql injection. The attack may be...

CVE-2023-2420

MLECMS 3.0 contains a SQL injection in the get_url function of the /upload/inc/lib/admin module, triggered by manipulating $_SERVER['REQUEST_URI']. This CVE-2023-2420 entry states remote exploitability and public disclosure, rating the issue as CRITICAL per the description. Connected sources cons...