2 matches found
CVE-2018-14472
An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection...
CVE-2018-14472
WUZHI CMS 4.1.0 is affected by CVE-2018-14472. The vulnerable file is coreframe/app/order/admin/goods.php, where the $keywords parameter is used directly in SQL without filtering, enabling SQL injection. The Red Hat/CNVD/OSV records indicate a remote attacker could exploit this to execute arbitra...