SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| webmanager-pro | cms_webmanager-pro | * |
Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-20,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| webmanager-pro | cms_webmanager-pro | * |
| webmanager-pro | cms_webmanager-pro | 7.4.3 |