YouDianCMS is a web CMS. SQL injection vulnerability exists in YoudianCMS v9.5.0, which originates from a missing validation of external input SQL statements in the id parameter at /App/Lib/Action/Admin/SiteAction.class.php. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.