mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 01:04:30 +00:00
730 B
730 B
CVE-2018-14472
Description
An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection.
POC
Reference
Github
No PoCs found on GitHub currently.