Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Unsanitized user input in ExpressionEngine <= 5.4.0 control panel member creation leads to an SQL injection. The user needs member creation/admin control panel access to execute the attack.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Packet Tide ExpressionEngine 安全漏洞
Vulnerability Description
Packet Tide ExpressionEngine是美国PACKET TIDE(Packet Tide)公司的一套开源的内容管理系统(CMS)。 Packet Tide ExpressionEngine存在SQL注入漏洞,该漏洞源于在ExpressionEngine <= 5.4.0控件面板成员创建中,未经消毒的用户输入会导致SQL注入。用户需要访问成员创建管理控制面板来执行攻击。
CVSS Information
N/A
Vulnerability Type
N/A