SQL Injection in PHPSUGAR PHP Melody before 2.7.3 via admin/edit_category.php

SQL Injection in PHPSUGAR PHP Melody before 2.7.3 via admin/edit_category.php

CVE-2017-15578 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via the image parameter to admin/edit_category.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.