SQL Injection in Pro3W CMS

Pro3W CMS if vulnerable to SQL injection attacks. Improper neutralization of input provided into a login form allows an unauthenticated attacker to bypass authentication and gain administrative privileges.  This issue was identified in version 1.2.0 of this software. Due to lack of response from the vendor exact version range could not be determined, but the vulnerability should be eliminated in versions released in January 2026 and later.

N/A

SQL命令中使用的特殊元素转义处理不恰当(SQL注入)

Pro3W CMS SQL注入漏洞

Pro3W CMS是波兰Pro3W公司的一个内容管理系统。 Pro3W CMS 1.2.0版本存在SQL注入漏洞，该漏洞源于登录表单输入中和不当，可能导致未经身份验证的攻击者绕过身份验证并获得管理权限。

N/A

N/A