3 matches found
Sql injection
FS Crowdfunding Script 1.0 has SQL Injection via the latestnewsdetails.php id parameter...
CVE-2017-17578
FS Crowdfunding Script 1.0 has SQL Injection via the latestnewsdetails.php id parameter...
CVE-2017-17578
CVE-2017-17578 affects FS Crowdfunding Script 1.0 (PHP/MySQL). The vulnerability is a SQL injection in the latest_news_details.php script via the id parameter, enabling a remote attacker to inject SQL commands. CVSS vectors indicate high/critical impact with network access and no authentication r...