SQL injection vulnerability in MaxWebPortal allows remote attackers to inject arbitrary SQL code and gain sensitive information via the SendTo parameter in Personal Messages.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Maxwebportal | Maxwebportal | 1.30 (including) | 1.30 (including) |
Maxwebportal | Maxwebportal | 1.31 (including) | 1.31 (including) |