Advanced World Database
Monthly
Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
Advanced World Database 2.0.5 has SQL Injection via the city.php country or state parameter, or the state.php country parameter. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.