2 matches found
SQL injection vulnerability in reply_content parameter of xycms add_book.php page
XYCMS was formerly known as Nanjing XYCMS Enterprise Station Building System, which is a commercial station building system based on ASP development. Xycms SQL injection vulnerability, the system on the addbook page btittle parameters are not effectively filtered, attackers can exploit the...
Xycms add_book page b_tittle parameter has SQL injection vulnerability
XYCMS was formerly known as Nanjing XYCMS Enterprise Station Building System, which is a commercial station building system based on ASP development. A SQL injection vulnerability exists in the btittle parameter of the Xycms addbook page. An attacker can exploit the vulnerability to obtain...