EPSS
Percentile
41.8%
torfs-ict/cmsms is vulnerable to SQL Injection attacks. The vulnerability exists in the m1_sortby parameter in function.admin_articlestab.php due to improperly validated parameters, allowing a remote attacker to inject arbitrary SQL commands.
m1_sortby
function.admin_articlestab.php
github.com/advisories/GHSA-78c4-pg8x-p7pm
github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/sqli_order_by/CMS-MS-SQLi-report.md
seclists.org/fulldisclosure/2021/Mar/49