EMLsoft 'numPerPage' Parameter SQL Injection Vulnerability
EMLsoft is an enterprise address book management system. A SQL injection vulnerability exists in the upload\eml\action\action.address.php file in EMLsoft version 5.4.5. A remote attacker can exploit this vulnerability to view, add, modify or delete information in the back-end database with the he...