CVE-2020-23945
Victor CMS V1.0 contains a SQL injection flaw in the cat_id parameter of category.php. The cat_id input is used in SQL queries, enabling an attacker to retrieve data from the database. Root cause: unsafe handling/concatenation of user input in category.php. Affected component: Victor CMS 1.0, cat...