2014-11-20 11:00:00
mitre
PUBLISHED
SQL injection vulnerability in Maarch LetterBox 2.8 allows remote attackers to execute arbitrary SQL commands via the UserId cookie.