EMLsoft SQL Injection Vulnerability
EMLsoft is an enterprise address book management system. A SQL injection vulnerability exists in the upload\eml\action\action.user.php file in EMLsoft version 5.4.5. A remote attacker can exploit this vulnerability to view, add, modify or delete information in the back-end database with the help ...