modules/banners/funcs/click.php in NukeViet before 4.3.04 has a SQL INSERT statement with raw header data from an HTTP request (e.g., Referer and User-Agent).
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| nukeviet/nukeviet(Packagist) | 0 | 4.3.04 | N/A |
CVSS Metrics
