CVE-2018-16432
BlueCMS 1.6 is affected by CVE-2018-16432 via SQL injection in the user_name parameter to uploads/user.php?act=index_login. The underlying issue is improper input handling that enables an attacker to inject SQL through that parameter. The CVSS metrics indicate a high to critical impact (CVSSv2: 7...