SQL injection vulnerability in index.php in Mlffat 2.2 allows remote attackers to execute arbitrary SQL commands via a member cookie in an account editprofile action, a different vector than CVE-2009-1731.
CVSS Score
7.5
EPSS Score
0.001
Published
2009-07-24
SQL injection vulnerability in panel/index.php in MLFFAT 2.1 allows remote attackers to execute arbitrary SQL commands via a base64-encoded supervisor cookie.
CVSS Score
7.5
EPSS Score
0.005
Published
2009-05-20