OpenSNS is a comprehensive social networking software developed by Thinking Sky Technology. pid parameter in /Controller/ChinaCityController.class.php in OpenSNS version 6.1.0 is vulnerable to SQL blind injection. An attacker can use this vulnerability to obtain sensitive database information.
CPE | Name | Operator | Version |
---|---|---|---|
opensns opensns | eq | 6.1.0 |