Bigantsoft ≫ Bigant Office Messenger 5

BigAnt Office Messenger 5.6.06 is vulnerable to SQL Injection via the 'dev_code' parameter.

An Access Control vulnerability exists in BigAntSoft BigAnt office messenger 5.6 via im_webserver, which could let a malicious user upload PHP Trojan files.