RSS   Vulnerabilities for 'Phpopensourcecms'   RSS

2018-08-31
 
CVE-2018-16278

CWE-89
 

 
phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir parameter.

 


Copyright 2024, cxsecurity.com

 

Back to Top