CVE-2018-19895
CVE-2018-19895 affects ThinkCMF X2.2.2 and is a SQL Injection vulnerability in the function edit_post() within NavController.class.php. The issue can be exploited by users with manager/administrator privileges through the parentid parameter in a navigation action. Publicly documented details conf...