2 matches found
CVE-2019-25366
The CVE-2019-25366 issue affects microASP Portal+ CMS, where an SQL injection vulnerability exists in the explode_tree parameter. An unauthenticated attacker can send crafted requests to pagina.phtml to execute arbitrary SQL queries, using payloads with functions like extractvalue and concat to e...
microASP Portal+ CMS SQL注入漏洞
microASP Portal+ CMS is a smart content management system developed by microASP Corporation. The microASP Portal+ CMS has a SQL injection vulnerability. This vulnerability arises because unauthenticated attackers can inject malicious code into the explodetree parameter to execute arbitrary SQL...