Duomi (DuomiCms) movie and TV management system topic and tid parameters exist SQL injection vulnerability

Duomi DuomiCms film and television management system is a set of specialized video on demand system. A SQL injection vulnerability exists in DuomiCms. The lack of filtering of the 'topic' and 'tid' parameters allows an attacker to exploit the vulnerability to obtain sensitive information from the...