An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable “qty” on the page index.php.
An issue was discovered in Textpattern CMS 4.6.2 and earlier. It is possible to inject SQL code in the variable “qty” on the page index.php.