Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in Kasseler CMS 1.1.0 and 1.2.0 allow remote attackers to execute arbitrary SQL commands via (1) the nid parameter to index.php in a View action to the News module; (2) the vid parameter to index.php in a Result action to the Voting module; (3) the fid parameter to index.php in a ShowForum action to the Forum module; (4) the tid parameter to index.php in a ShowTopic action to the Forum module; (5) the uname parameter to index.php in a UserInfo action to the Account module; or (6) the module parameter to index.php, probably related to the TopSites module.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Kasseler CMS 多个SQL注入漏洞
Vulnerability Description
Kasseler CMS是一款基于PHP的内容管理系统。 Kasseler CMS 1.1.0 和 1.2.0的多个SQL注入漏洞允许远程攻击者通过 (1) 对News模块的一个View操作中的index.php中的nid参数; (2) 对Voting模块的Result操作的index.php中的vid参数; (3) 对Forum模块的ShowForum操作的index.php中的fid参数; (4) 对Forum模块的ShowTopic操作的index.php中的tid参数; (5) 对Account模
CVSS Information
N/A
Vulnerability Type
N/A