lmxcms SQL注入漏洞

lmxcms dream cms is a website builder system of China Dream Cms lmxcms company. SQL injection vulnerability exists in lmxcms version 1.41, the vulnerability stems from a security issue in the function reply in the file BookAction.class.php, which leads to SQL injection via the parameter id...

PT-2023-16894 · Lmxcms · Lmxcms

Name of the Vulnerable Software and Affected Versions: lmxcms version 1.41 Description: A critical issue was found in the function reply of the file BookAction.class.php. The manipulation of the argument id with the input 1 and updatexml0,concat0x7e,user,1 leads to sql injection. The attack may b...