JumboTCMS V7.1.5.0829 ordernum parameter has sql injection vulnerability
JumboTCMS V7.1.5.0829 is a set of open source web content management system built by the Microsoft . JumboTCMS V7.1.5.0829 user/ajax.aspx?oper=ajaxPayOrder page ordernum parameter exists sql injection vulnerability. An attacker can exploit the vulnerability to obtain sensitive database informatio...