YouPHPTube 'user_id' Parameter SQL Injection Vulnerability
YouPHPTube is a PHP-based video website system. YouPHPTube version 7.6 has a SQL injection vulnerability in the 'userid' parameter of the /objects/subscribeNotify.json.php file. The vulnerability stems from a lack of validation of externally entered SQL statements in database-based applications. ...