CVE-2013-2690
CVE-2013-2690 is a SQL injection vulnerability in the SynConnect 2.0 login flow of Synchroweb Technology. The flaw affects index.php where an attacker can manipulate the loginid parameter in a logoff action to execute arbitrary SQL commands. Reported in NVD with a base score of 7.5 (HIGH) and net...