Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in module.php in LANAI (la-nai) CMS 1.2.14 allow remote attackers to execute arbitrary SQL commands via (1) the mid parameter in an faqviewgroup action in the FAQ Modules, (2) the cid parameter in the EZSHOPINGCART Modules, or (3) the gid parameter in a view action in the GALLERY Modules.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
LANAI CMS 多个SQL注入漏洞
Vulnerability Description
LANAI (la-nai) CMS 1.2.14版本的模数.php中存在多个SQL注入漏洞。远程攻击者可以借助(1)FAQ模块中的一个faqviewgroup操作中的mid参数,(2)EZSHOPINGCART模块中的cid参数或(3)GALLERY模块的一个view操作中的gid参数,执行任意SQL指令。
CVSS Information
N/A
Vulnerability Type
N/A