cve/CVE-2018-14472.md at 18943f3353ca1cc3fd2595afa412856465e29c78

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-12-30 04:49:42 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection.

POC

Reference

https://github.com/wuzhicms/wuzhicms/issues/144

Github

No PoCs found on GitHub currently.

679 B Raw Blame History

CVE-2018-14472

Description

POC

Reference

Github

679 B

Raw Blame History