CVE-2022-4871

A vulnerability classified as problematic was found in ummmmm nflpick-em.com up to 2.2.x. This vulnerability affects the function LoadUsers of the file html/includes/runtime/admin/JSON/LoadUsers.php. The manipulation of the argument sort leads to sql injection. The attack can be initiated remotel...

Sql injection

A vulnerability classified as problematic was found in ummmmm nflpick-em.com up to 2.2.x. This vulnerability affects the function LoadUsers of the file html/includes/runtime/admin/JSON/LoadUsers.php. The manipulation of the argument sort leads to sql injection. The attack can be initiated remotel...

CVE-2022-4871

CVE-2022-4871 affects nflpick-em.com up to version 2.2.x. The vulnerability is in the _Load_Users function of html/includes/runtime/admin/JSON/LoadUsers.php, where manipulating the sort parameter enables SQL injection. The administrative JSON entrypoint is required for exploitation, and remote in...

CVE-2022-4871 ummmmm nflpick-em.com LoadUsers.php _Load_Users sql injection

A vulnerability classified as problematic was found in ummmmm nflpick-em.com up to 2.2.x. This vulnerability affects the function LoadUsers of the file html/includes/runtime/admin/JSON/LoadUsers.php. The manipulation of the argument sort leads to sql injection. The attack can be initiated remotel...