漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
N/A
Vulnerability Description
EasyCMS v1.6 allows for SQL injection via ArticlemAction.class.php. In the background, search terms provided by the user were not sanitized and were used directly to construct a SQL statement.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
EasyCMS SQL注入漏洞
Vulnerability Description
EasyCMS是EasyCMS社区的一个基于Php的建站系统。 EasyCMS 中存在SQL注入漏洞,该漏洞源于产品ArticlemAction.class.php文件未对用户提供的搜索词数据中的特殊字符做有效处理。攻击者可通过该漏洞执行恶意SQL语句。以下产品及版本受到影响:EasyCMS v1.6。
CVSS Information
N/A
Vulnerability Type
N/A