CVE-2021-40670
CVE-2021-40670 affects Wuzhi CMS 4.1.0. A SQL injection flaw exists in the keywords parameter exposed via /coreframe/app/order/admin/card.php, enabling manipulation of database queries. Multiple sources confirm the vulnerability and describe it as a SQL injection in Wuzhi CMS 4.1.0. CVSS metrics ...