CVE-2021-4301

A vulnerability was found in slackero phpwcms up to 1.9.26 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument $phpwcms'dbprepend' leads to sql injection. The attack may be launched remotely. Upgrading to version 1.9.27 is able to...

CVE-2021-4301

The CVE-2021-4301 entry affects slackero phpwcms (versions up to 1.9.26). The root cause is SQL injection triggered by manipulating the PHP variable phpwcms['db_prepend']. Impact is SQL injection with remote attack potential on affected installations. A fix is available in phpwcms 1.9.27, with th...