MidnightBSD

Advisories for mlmsoftwarez

CVE-2018-17843 HIGH

SQL injection exists in ADD Clicking MLM Software 1.0, Binary MLM Software 1.0, Level MLM Software 1.0, Singleleg MLM Software 1.0, Autopool MLM Software 1.0, Investment MLM Software 1.0, Bidding MLM Software 1.0, Moneyorder MLM Software 1.0, Repurchase MLM Software 1.0, and Gift MLM Software 1.0 via the member/readmsg.php msg_id parameter, the member/tree.php pid parameter, or the member/downline.php m_id parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
mlmsoftwarez bidding_mlm_software 1.0
mlmsoftwarez add_clicking_mlm_software 1.0
mlmsoftwarez level_mlm_software 1.0
mlmsoftwarez gift_mlm_software 1.0
mlmsoftwarez singleleg_mlm_software 1.0
mlmsoftwarez autopool_mlm_software 1.0
mlmsoftwarez investmen_mlm_software 1.0
mlmsoftwarez binary_mlm_software 1.0
mlmsoftwarez moneyorder_mlm_software 1.0
mlmsoftwarez repurchase_mlm_software 1.0