CVE-2018-20477
CVE-2018-20477 affects S-CMS 3.0. The issue arises from failure to validate the P_no field in bank/callback1.php, enabling SQL injection and potential remote execution of SQL statements. Impact per sources includes partial/high integrity and confidentiality implications (per CVSS data) with a hig...