CVE-2017-20141

Name of the Vulnerable Software and Affected Versions Itech Movie Portal Script version 7.36

Description A critical issue has been found in the software, affecting the /movie.php file. The manipulation of the f argument leads to SQL injection (Union), allowing for remote attacks. The exploit has been publicly disclosed.

Recommendations For Itech Movie Portal Script version 7.36, consider restricting access to the /movie.php file and avoid using the f argument until a patch is available. As a temporary workaround, restrict the use of the SQL query function that handles the f argument to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.