Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary SQL commands via the (1) id and (2) newlanguage parameters to site.php, (3) search parameter to manuals.php, and (4) unspecified vectors to faq.php. NOTE: some of these details are obtained from third party information.
Max CVSS
7.5
EPSS Score
0.13%
Published
2010-04-09
Updated
2017-08-17
1 vulnerabilities found