CVE-2018-20018
CVE-2018-20018 affects S-CMS v3.0, where the S_id parameter enables SQL injection, demonstrated via /1/?type=productinfo&S_id=140. The connected CNVD/CNVD-2019-08326 and CNVD entries corroborate SQLi in S-CMS 3.0. The CVSS data shows base score 7.5 (high) for CVSS3.0 and 5.0 (medium) for CVSS2.0,...