Multiple SQL injection vulnerabilities in Land Down Under (LDU) v701 allow remote attackers to execute arbitrary SQL commands or obtain the installation path via parameters including (1) s, w, and d in users.php, (2) id in comments.php, (3) rusername in auth.php, or (4) h in plug.php.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Land_down_under | Neocrome | 701 (including) | 701 (including) |