Multiple SQL Injection Vulnerabilities in My Little Forum before 2.3.4

Multiple SQL Injection Vulnerabilities in My Little Forum before 2.3.4

CVE-2015-1434 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Multiple SQL injection vulnerabilities in my little forum before 2.3.4 allow remote administrators to execute arbitrary SQL commands via the (1) letter parameter in a user action or (2) edit_category parameter to index.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.