CandidATS SQL注入漏洞

CandidATS is a free and open source recruiter tracking system from CandidATS India. A security vulnerability exists in CandidATS version 3.0.0 Beta that stems from allowing authenticated users to inject SQL queries via the userID parameter...