2 matches found
CVE-2018-18488
In \lib\admin\action\dataaction.class.php in Gxlcms v2.0, SQL Injection exists via the ids parameter...
CVE-2018-16436
Gxlcms 2.0 before bug fix 20180915 has SQL Injection exploitable by an administrator...