dedecms5. 7 latest sql injection exploit guestbook. php-vulnerability warning-the black bar safety net

Impact version 5. 7 Vulnerability file edit. inc. php specific code: ExecuteNoneQuery" DELETE FROM @guestbook WHERE id='$id' "; ShowMsg"successfully deleted a message!", $GUESTBOOKPOS; exit; else if$job=='check' && $gisadmin $dsql-ExecuteNoneQuery" UPDATE @guestbook SET ischeck=1 WHERE id='$id' "...