CVE-2018-19898
ThinkCMF X2.2.2 is affected by an SQL injection in the edit_post action of ArticleController.class.php. The vulnerability is exploitable by normal authenticated users via the post[id][1] parameter when editing an article. Multiple connected documents (NVD, Red Hat, OSV, CVE lists, CNVD, and other...