PIMS order management system controller\buy.php has SQL injection vulnerability
PIMS is an online order management system for subscription-based websites. An SQL injection vulnerability exists in controller\buy.php of the PIMS order management system. An attacker can exploit the vulnerability to obtain sensitive database information...