CVE-2026-3785

A vulnerability was identified in EasyCMS up to 1.6. The affected element is an unknown function of the file /RbacnodeAction.class.php of the component Request Parameter Handler. The manipulation of the argument order leads to sql injection. The attack can be initiated remotely. The exploit is...

CVE-2026-3785

A vulnerability was identified in EasyCMS up to 1.6. The affected element is an unknown function of the file /RbacnodeAction.class.php of the component Request Parameter Handler. The manipulation of the argument order leads to sql injection. The attack can be initiated remotely. The exploit is...

CVE-2026-3785 EasyCMS Request Parameter RbacnodeAction.class.php sql injection

A vulnerability was identified in EasyCMS up to 1.6. The affected element is an unknown function of the file /RbacnodeAction.class.php of the component Request Parameter Handler. The manipulation of the argument order leads to sql injection. The attack can be initiated remotely. The exploit is...

CVE-2026-3785 EasyCMS Request Parameter RbacnodeAction.class.php sql injection

A vulnerability was identified in EasyCMS up to 1.6. The affected element is an unknown function of the file /RbacnodeAction.class.php of the component Request Parameter Handler. The manipulation of the argument order leads to sql injection. The attack can be initiated remotely. The exploit is...

EasyCMS SQL注入漏洞

EasyCMS is a PHP-based website building system from the EasyCMS community. Versions of EasyCMS 1.6 and earlier have a SQL injection vulnerability. This vulnerability stems from incorrect handling of the order parameter in the file/RbacnodeAction.class.php file, which may lead to SQL injection...

PT-2026-23985

Name of the Vulnerable Software and Affected Versions EasyCMS versions up to 1.6 Description A flaw exists in EasyCMS that allows for remote SQL injection. The issue is located in an unknown function within the /RbacnodeAction.class.php file, part of the Request Parameter Handler component...