SQL Injection via aa_pages_per_page Cookie in PHPSUGAR PHP Melody before 2.7.3

CVE-2017-15579 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.