System name: WanHu ezEIP
System version: 2.0
Vulnerability found by: Akast [N. S. T]
Security team: Neuron Security Team
Vulnerability type: SQL injection
Vulnerability file:/caseinfo. asp
Vulnerability variable: Newid=1&cid=1
Software type: business software
Development company: Guangzhou million network Technology Co., Ltd.
Vulnerability Description: You can use the injection vulnerability to get the site administrator permissions, so you can login to the website admin back-end/system/Login. aspx, and can obtain the webshell permissions.
Vulnerability scope: the use of WanHu ezEIP 2.0 website, there may be dangers! of!!
Patch download: official not released the patch.