Multiple SQL injection vulnerabilities in VHCS 2.4 and earlier allow remote attackers to execute arbitrary SQL commands via certain inputs from HTTP POST queries.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Virtual_hosting_control_system | Virtual_hosting_control_system | * | 2.4 (including) |
| Virtual_hosting_control_system | Virtual_hosting_control_system | 2.2 (including) | 2.2 (including) |