Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
60CycleCMS 2.5.2 - 'news.php' SQL Injection Vulnerability
Vulnerability Description
60CycleCMS 2.5.2 contains an SQL injection vulnerability in news.php and common/lib.php that allows attackers to manipulate database queries through unvalidated user input. Attackers can exploit vulnerable query parameters like 'title' to inject malicious SQL code and potentially extract or modify database contents. This issue does not involve cross-site scripting.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
60CycleCMS SQL注入漏洞
Vulnerability Description
60CycleCMS是60CycleCMS开源的一个内容管理系统。 60CycleCMS 2.5.2版本存在SQL注入漏洞,该漏洞源于news.php和common/lib.php文件存在SQL注入,可能导致攻击者通过未验证的用户输入操纵数据库查询。
CVSS Information
N/A
Vulnerability Type
N/A