SQL injection vulnerability in cn_users.php in CzarNews 1.20 and earlier allows remote attackers to execute arbitrary SQL commands via a recook cookie.
Software | From | Fixed in |
---|---|---|
czaries / czarnews | - | 1.20.x |
czaries / czarnews | 1.12 | 1.12.x |
czaries / czarnews | 1.13 | 1.13.x |
czaries / czarnews | 1.14 | 1.14.x |