CVE-2023-35851

SUNNET WMPro portal's FAQ function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to obtain sensitive information via a database. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt