CVE-2023-34210 Information

Description

SQL Injection in create customer group function in EasyUse MailHunter Ultimate 2023 and earlier allow remote authenticated users to execute arbitrary SQL commands via the ctl00$ContentPlaceHolder1$txtCustSQL parameter.

Reference

https://zuso.ai/Advisory/ZA-2023-07