SQL injection vulnerability in default.aspx in ParsaGostar ParsaWeb CMS allows remote attackers to execute arbitrary SQL commands via the (1) id parameter in the "page" page and (2) txtSearch parameter in the "Search" page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.011
EPSS Ranking 63.0%