CVE-2019-16642
CVE-2019-16642 affects TuziCMS 2.0.6. Affected component: App\Mobile\Controller\ZhuantiController.class.php, vulnerable to SQL injection via the index.php/Mobile/Zhuanti/group?id= parameter. Root cause described as unsafe handling of user input in ZhuantiController; impact includes data exposure ...