SQL injection vulnerability in author/edit.php in OpenConf 4.x before 4.12 allows remote attackers to execute arbitrary SQL commands via the pid parameter.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-noinfo,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| zakongroup | openconf | 4.11 |
| zakongroup | openconf | 4.00 |
| zakongroup | openconf | 4.10 |
| zakongroup | openconf | 4.01 |
| zakongroup | openconf | 4.02 |