CVE-2021-40670

SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file...

CVE-2021-40670

SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file...

CVE-2021-40670

CVE-2021-40670 affects Wuzhi CMS 4.1.0. A SQL injection flaw exists in the keywords parameter exposed via /coreframe/app/order/admin/card.php, enabling manipulation of database queries. Multiple sources confirm the vulnerability and describe it as a SQL injection in Wuzhi CMS 4.1.0. CVSS metrics ...