2017-10-18 02:00:00
mitre
PUBLISHED
In PHPSUGAR PHP Melody before 2.7.3, SQL Injection exists via an aa_pages_per_page cookie in a playlist action to watch.php.