CVE-2019-7585

2019-02-0718:00:00

mitre

www.cve.org

9.9 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

59.5%

JSON

An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/PublicAction.class.php allows time-based SQL Injection via the param array parameter to the /index.php?m=public&a=checkemail URI.

References

github.com/caokang/waimai/issues/11