Sql injection
Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS 2.6.0 Members Edition and 2.7.0 Trial Edition allow remote authenticated users to execute arbitrary SQL commands via the 1 id parameter in a savedsearch action and 2 itemtypes parameter in a showitemsearch action in the...