SQL Injection Vulnerability in the Content Parameter of the /www/index.php Page of Hi-Read Media's Digital Newspaper System

Joy Reading Kiosk Digital Newspaper System is a digital newspaper WEB management system. There is a SQL injection vulnerability in this product, the vulnerability URL is: /www/index.php?mod=admin&con=review&content=1, the vulnerability parameter is: content, the attacker can use the vulnerability...

Arbitrary Password Changing Vulnerability in Hi-Read Media's Digital Newspaper System

Joy Reading Kiosk Digital Newspaper System is a digital newspaper WEB management system. The product /www/index.php?mod=admin&con=adminuser&act=editpost there is an arbitrary password change vulnerability, an attacker can exploit the vulnerability by submitting a POST request to change the...

SQL Injection Vulnerability in the userId Parameter of Hi-Read Media's Digital Newspaper System

Joyful Reading Kiosk Digital Newspaper System is a digital newspaper WEB management system. The product has a SQL injection vulnerability, the vulnerability URL is: index.php?mod=admin&con=subscribe&act=unsubscribe&subsId=31&userId=880&paperscn=%B8%D6%CC%FA%C2%AF%C1%CF&papersen=gtll, the...