Please disregard the 'View article...' shown at the bottom of many posts as this is the result of restoring old forum posts from a backup.
- Last Active
I found two potential SQL injections. 0x1 > framework/modules/eaas/controllers/eaasController.php , $key can becontrolled. And in the line 33 of framework/core/models/expConfig.php,$this->location_data can be controlled and injected. It is …