messages_load.php in ClinicCases 7.3.3 suffers from a blind SQL injection vulnerability, which allows low-privileged attackers to execute arbitrary SQL commands through a vulnerable parameter.
CPE | Name | Operator | Version |
---|---|---|---|
cliniccases | eq | RC1 | |
cliniccases | eq | 7.1.0 | |
cliniccases | eq | 7.0.0 | |
cliniccases | eq | 7beta2.0 | |
cliniccases | eq | 7.3.0 | |
cliniccases | eq | 7.2.3 | |
cliniccases | eq | RC1.4 | |
cliniccases | eq | 7.3.1 | |
cliniccases | eq | 7.2.10 | |
cliniccases | eq | 7.16 |