CVE-2022-23336
S-CMS v5.0 has a SQL injection in member_pay.php via the O_id parameter. Root cause: improper handling of O_id leads to injectable SQL statements. Impact ranges from partial confidentiality, integrity, and availability impacts per CVSS data (base scores 7.5/9.8). No exploitation details or fixes ...