Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
master-nan Sweet-CMS index sql injection
Vulnerability Description
A vulnerability was found in master-nan Sweet-CMS up to 5f441e022b8876f07cde709c77b5be6d2f262e3f. It has been declared as critical. This vulnerability affects unknown code of the file /table/index. The manipulation leads to sql injection. The attack can be initiated remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The name of the patch is 146359646a5a90cb09156dbd0013b7df77f2aa6c. It is recommended to apply a patch to fix this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Sweet-CMS SQL注入漏洞
Vulnerability Description
Sweet-CMS是master-nan个人开发者的一个基于 Gin, GORM, Redis, Casbin, Viper 等强大技术栈构建的高性能后台管理系统。 Sweet-CMS 5f441e022b8876f07cde709c77b5be6d2f262e3f及之前版本存在SQL注入漏洞,该漏洞源于文件/table/index的未知代码。
CVSS Information
N/A
Vulnerability Type
N/A