2 matches found
CMSWing Code Execution Vulnerability
CMSWing is a ThinkJS-based e-commerce platform and CMS builder. A code execution vulnerability exists in CMSWing 1.3.8. The vulnerability stems from the log function not checking the log parameter. An attacker can exploit this vulnerability to execute arbitrary commands via malicious parameters...
CMSWing SQL Injection Vulnerability
CMSWing is a ThinkJS-based e-commerce platform and CMS builder. A SQL injection vulnerability exists in CMSWing 1.3.8. The vulnerability stems from the rechargeAction function not checking the balance parameter. An attacker can exploit this vulnerability to execute arbitrary SQL commands via...