CVE-2017-11584

2017-07-2400:00:00

mitre

www.cve.org

9.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.5%

JSON

dayrui FineCms 5.0.9 has SQL Injection via the field parameter in an action=module, action=member, action=form, or action=related request to libraries/Template.php.

References

lorexxar.cn/2017/07/20/FineCMS%20multi%20vulnerablity%20before%20v5.0.9/#SQL-injection-via-system-field-parameter