1 results (0.006 seconds)

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 2

SQL injection vulnerability in form.php in 360 Web Manager 3.0 allows remote attackers to execute arbitrary SQL commands via the IDFM parameter. Vulnerabilidad de inyección SQL en form.php de 360 Web Manager 3.0 permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro IDFM. • https://www.exploit-db.com/exploits/4944 http://www.securityfocus.com/bid/27364 http://www.vupen.com/english/advisories/2008/0217 https://exchange.xforce.ibmcloud.com/vulnerabilities/39796 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •