Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in CMS Mundo 1.0 build 008, and possibly other versions, allow remote attackers to execute arbitrary SQL commands via the (1) news_id parameter in the (a) news module, (2) searchstring parameter in (b) the search module, (3) id parameter in (c) the webshop module, (4) username parameter in (d) index.php, and (5) Name, (6) Address, (7) Zip, (8) City, (9) Country, and (10) Email fields during (e) a user profile update.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
CMS Mundo 多个SQL注入漏洞
Vulnerability Description
CMS Mundo 1.0 build 008以及可能的其他版本存在多个SQL注入漏洞。远程攻击者可以借助(1)(a) news 模块中的news_id 参数,(2)(b)search 模块中的 searchstring 参数, (3)(c)webshop 模块中的 id 参数,(4) (d) index.php中的username 参数, 以及(e) 用户配置文件更新过程中的(5) Name, (6) Address, (7) Zip,(8) City, (9) Country和(10) Email字段
CVSS Information
N/A
Vulnerability Type
N/A