Описание
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter.
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2018-18084
- https://github.com/Mochazz/Mochazz.github.io/blob/master/2018/09/30/DuomiCms3.0%E6%9C%80%E6%96%B0%E7%89%88%E6%BC%8F%E6%B4%9E%E6%8C%96%E6%8E%98/index.html
- https://mochazz.github.io/2018/09/30/DuomiCms3.0%E6%9C%80%E6%96%B0%E7%89%88%E6%BC%8F%E6%B4%9E%E6%8C%96%E6%8E%98
Связанные уязвимости
CVSS3: 9.8
nvd
больше 7 лет назад
An issue was discovered in DuomiCMS 3.0. SQL injection exists in the ajax.php file, as demonstrated by the uid parameter.