Events-Management-system is vulnerable to unrestricted SQL injection. Controllable parameter: id. In dodelete.php, the id parameter is added to the SQL statement without any restriction. You can ...
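The pattern reported for dodelete.php, shown next to a hardened handler. This is an added example, not the project's code: the `events` table, its columns and both function names are hypothetical, and an in-memory SQLite database via PDO (requires `pdo_sqlite`) stands in for the application's database.

```php
<?php
declare(strict_types=1);
// Added example, not the project's dodelete.php. Table, columns and function names are hypothetical.

// Constructed in-memory database standing in for the application's database.
function demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    $pdo->exec('CREATE TABLE events (id INTEGER PRIMARY KEY, title TEXT)');
    $pdo->exec("INSERT INTO events (id, title) VALUES (1, 'Launch'), (2, 'Review'), (3, 'Retro')");
    return $pdo;
}

// Pattern the advisory describes: the request value becomes part of the SQL text.
function delete_event_unsafe(PDO $pdo, string $id): int
{
    return (int) $pdo->exec("DELETE FROM events WHERE id = $id");
}

// Hardened form: accept only a positive decimal integer, then bind it as a parameter.
function delete_event_safe(PDO $pdo, string $id): int
{
    $n = filter_var($id, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($n === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $stmt = $pdo->prepare('DELETE FROM events WHERE id = :id');
    $stmt->bindValue(':id', $n, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->rowCount();
}

$value = '1 OR 1=1'; // constructed non-integer input for the id parameter

$a = demo_db();
printf("unsafe: %d row(s) deleted\n", delete_event_unsafe($a, $value));

$b = demo_db();
try {
    delete_event_safe($b, $value);
} catch (InvalidArgumentException $e) {
    printf("safe: rejected (%s)\n", $e->getMessage());
}
printf("safe: %d row(s) deleted for id=2\n", delete_event_safe($b, '2'));
printf("rows left: %d\n", (int) $b->query('SELECT COUNT(*) FROM events')->fetchColumn());
```

In a real handler the delete would also sit behind an authenticated, authorized POST request, since binding the parameter only prevents the value from changing the statement.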