CVE-2020-18877
CVE-2020-18877 is a SQL injection in Wuzhi CMS v4.1.0 affecting the /coreframe/app/order/admin/index.php component via the input flag parameter. Credible sources (NVD, Red Hat, CNVD, OSV, etc.) describe that an attacker can obtain sensitive information due to insufficient input filtering. The CVS...