SQL injection vulnerability in siteinfo parameter of xycms add_ad.php page
XYCMS was formerly known as Nanjing XYCMS Enterprise Station Building System, which is a commercial station building system based on ASP development. Xycms SQL injection vulnerability, the system on the addad.php page siteinfo parameters are not effectively filtered, attackers can exploit the...