PT-2019-9460 · Twilio · Twilio Web To Fax Machine System

Published 2019-06-19 · Updated 2019-06-20 · CVE-2018-17388

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Twilio WEB To Fax Machine System version 1.0

Description

The issue exists due to SQL Injection in the Twilio WEB To Fax Machine System. This can be exploited via the email or password parameter to "login check.php", or the id parameter to "add email.php" or "edit content.php".

Recommendations

For Twilio WEB To Fax Machine System version 1.0, consider validating and sanitizing user input for the email, password, and id parameters to prevent SQL Injection attacks. As a temporary workaround, restrict access to "login check.php", "add email.php", and "edit content.php" to minimize the risk of exploitation.
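
The recommendation above, shown as an added PHP example (not code from the product or from this advisory): the email value is bound as a query parameter, the password is only compared against a stored hash, and id is accepted only as a positive integer. The table and column names, sample rows and function names are assumptions, and the in-memory database assumes the pdo_sqlite extension.

```php
<?php
declare(strict_types=1);

// Constructed schema and rows; the product's real tables are not on the page.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, email TEXT UNIQUE, pw_hash TEXT)');
$db->exec('CREATE TABLE content (id INTEGER PRIMARY KEY, body TEXT)');
$ins = $db->prepare('INSERT INTO users (email, pw_hash) VALUES (?, ?)');
$ins->execute(['admin@example.test', password_hash('correct horse', PASSWORD_DEFAULT)]);
$db->exec("INSERT INTO content (id, body) VALUES (1, 'cover sheet')");

// Login check (hypothetical helper): email is bound as data, never concatenated
// into the SQL text. The password never reaches the query; it is verified
// against the stored hash.
function login_check(PDO $db, string $email, string $password): bool
{
    $stmt = $db->prepare('SELECT pw_hash FROM users WHERE email = :email');
    $stmt->execute([':email' => $email]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($password, $hash);
}

// id parameter (hypothetical helper): accept only a positive integer,
// then still bind it rather than interpolating it.
function fetch_content(PDO $db, string $rawId): ?string
{
    $id = filter_var($rawId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return null; // reject the request instead of trying to clean the value
    }
    $stmt = $db->prepare('SELECT body FROM content WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $body = $stmt->fetchColumn();
    return $body === false ? null : $body;
}

// Constructed inputs: one valid login, then values carrying SQL syntax.
var_dump(login_check($db, 'admin@example.test', 'correct horse'));
var_dump(login_check($db, "nobody' OR '1'='1", 'anything'));
var_dump(fetch_content($db, '1'));
var_dump(fetch_content($db, '1 OR 1=1'));
```

Only the first login and the first content lookup succeed; the other two inputs are treated as plain data or rejected before any query runs.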

Exploit

Fix

SQL injection


Weakness Enumeration

Related identifiers

CVE-2018-17388

Affected products

Twilio Web To Fax Machine System