CVE-2017-20128
KB Messages PHP Script 1.0 is affected by an unauthenticated SQL injection vulnerability. The issue arises from improper handling of the username/password inputs, where the payload 'or''=' enables injection. It is exploitable remotely and the exploit has been publicly disclosed, making active exp...