admin/GobyVuls
1
0
Fork 0
mirror of https://github.com/gobysec/GobyVuls.git synced 2025-05-05 10:16:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
GobyVuls/CVE-2022-32300.md
Goby f3f948aba4
Create CVE-2022-32300.md 
add CVE-2022-32300
2023-04-06 20:06:49 +08:00

833 B
Raw Permalink Blame History

YoudianCMS v9.5.0 SQL Injection (CVE-2022-32300)

Vulnerability YoudianCMS v9.5.0 SQL Injection (CVE-2022-32300)
Chinese name YoudianCMS v9.5.0 sql注入CVE-2022-32300
CVSS core 8.8
FOFA Query (click to view the results directly) body="YoudianCMS"
Number of assets affected 987
Description YouDianCMS is a website CMS. YoudianCMS v9.5.0 version exists security holes, the vulnerability stems from a pass/App/Lib/Action/Admin/MailAction class. PHP MailSendID parameters of SQL injection vulnerabilities are found out.
Impact Able to read some sensitive files through SQL injection vulnerability.