S-CMS PHP 1.0 has SQL injection in member/member_news.php via the type parameter (aka the $N_type field).
References
Link | Resource |
---|---|
http://www.iwantacve.cn/index.php/archives/75/ | Exploit Third Party Advisory |
Configurations
History
No history.
Information
Published : 2018-11-01 01:29
Updated : 2024-02-28 16:48
NVD link : CVE-2018-18887
Mitre link : CVE-2018-18887
CVE.ORG link : CVE-2018-18887
JSON object : View
Products Affected
s-cms
- s-cms
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')