Critical Vulnerability Information Vulnerability Name: MLM Forced Matrix 2.0.9 - 'newid' SQL Injection EDB-ID: 43307 CVE: 2017-17636 Author: Ihsan Sencan Type: WEBAPPS Platform: PHP Release Date: 2017-12-11 Affected Application: MLM Forced Matrix 2.0.9 Verification Status: EDB Verified Exploit: Link or code block available Vulnerability Description Description: This vulnerability allows attackers to inject SQL commands via the parameter, enabling execution of arbitrary SQL statements. Test Environment: Windows 7 x64 / Kali Linux x64 Affected Version: 2.0.9 Exploit Code Example Additional Information Vendor Home Page: https://www.phpscriptsmall.com/ Software Link: https://www.phpscriptsmall.com/product/mlm-forced-matrix/ Category: Webapps