CVE-2015-10063

Name of the Vulnerable Software and Affected Versions saemorris TheRadSystem (affected versions not specified)

Description A critical issue was found in saemorris TheRadSystem, affecting the redirect function of the login.php file. The manipulation of the user/pass argument leads to SQL injection. The attack can be initiated remotely.

Recommendations To fix this issue, it is recommended to apply a patch. As a temporary workaround, consider restricting access to the redirect function in the login.php file until a patch is available. Additionally, avoid using the user/pass argument in the affected function to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.