2026-04-05 20:45:33
VulnCheck
PUBLISHED
OpenDocMan 1.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the where parameter. Attackers can send GET requests to search.php with malicious SQL payloads in the where parameter to extract sensitive database information.