SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie.
8.5AI Score
0.003EPSS
SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731.
8.6AI Score
0.003EPSS