SQL Injection Vulnerability in rdr.php in nuevoMailer 6.0 and Earlier: Remote Code Execution via r Parameter

SQL Injection Vulnerability in rdr.php in nuevoMailer 6.0 and Earlier: Remote Code Execution via r Parameter

CVE-2017-9730 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

SQL injection vulnerability in rdr.php in nuevoMailer version 6.0 and earlier allows remote attackers to execute arbitrary SQL commands via the "r" parameter.

Learn more about our Web Application Penetration Testing UK.