CVE-2017-17572

FS Amazon Clone 1.0 is affected by a SQL injection vulnerability exploitable via the PATH_INFO endpoint /VerAyari. Public records attribute the issue to improper handling of PATH_INFO in a PHP/MySQL stack, enabling remote attackers to inject SQL commands. Impact is described as high, with potenti...