Опубликовано: 01 фев. 2026
Источник: github
Github: Не прошло ревью
CVSS4: 8.6
CVSS3: 8.1
Описание
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.
Simple CMS 2.1 contains a remote SQL injection vulnerability that allows privileged attackers to inject unfiltered SQL commands in the users module. Attackers can exploit unvalidated input parameters in the admin.php file to compromise the database management system and web application.
Связанные уязвимости
nvd
7 дней назад
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.