2 matches found
CVE-2020-23966
SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the post parameter to /post.php in a crafted GET request...
CVE-2020-23966
Victor CMS 1.0 is affected by a SQL Injection in the post parameter of /post.php via crafted GET requests. The vulnerability allows an attacker to execute arbitrary commands, with CVSS 3.1 base score 9.8 (CRITICAL) and impacts to confidentiality, integrity, and availability (C:H, I:H, A:H). Root ...