ThinkCMF SQL Injection Vulnerability (CNVD-2019-07959)
ThinkCMF is a Chinese content management framework based on PHP+MYSQL. A SQL injection vulnerability exists in the delete function in SlideController.class.php in ThinkCMF X2.2.2, which can be exploited by users with administrator privileges via the ids parameter in the slide operation...