Zendo Project Management Software Open Source 9.1.1 SQL Injection Vulnerability
Zendo is an open source project management software. Zendo Project Management Software Open Source 9.1.1 SQL injection vulnerability exists in module\block\control.php page. Due to the lack of filtering of the 'main' parameter, allowing attackers to exploit the vulnerability to obtain sensitive...