CVE-2023-50073
EmpireCMS v7.5 contains a SQL injection vulnerability exposed by the ftppassword parameter in SetEnews.php. The root cause is lack of validation/external input handling for ftppassword, enabling malicious SQL statements and potential unauthorized data access. Several connected records confirm the...