CVE-2022-27431
Wuzhicms v4.1.0 is affected by CVE-2022-27431 due to a SQL injection vulnerability via the groupid parameter in /coreframe/app/member/admin/group.php. The root cause, as described in CNVD/CVE entries, is lack of input validation for external SQL statements enabling attackers to craft inputs that ...