SQL injection vulnerability in reply_content parameter of xycms add_book.php page
XYCMS was formerly known as Nanjing XYCMS Enterprise Station Building System, which is a commercial station building system based on ASP development. Xycms SQL injection vulnerability, the system on the addbook page btittle parameters are not effectively filtered, attackers can exploit the...