YouDianCMS is a web CMS. SQL injection vulnerability exists in YoudianCMS v9.5.0, which originates from a missing validation of external input SQL statements in the MailSendID parameter at /App/Lib/Action/Admin/MailAction.class.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.
CPE | Name | Operator | Version |
---|---|---|---|
长沙友点软件科技有限公司 youdiancms v | eq | 9.5.0 |