Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Lvzhou CMS before commit c4ea0eb9cab5f6739b2c87e77d9ef304017ed615 (2025-09-22) is vulnerable to SQL injection via the 'title' parameter in com.wanli.lvzhoucms.service.ContentService#findPage. The parameter is concatenated directly into a dynamic SQL query without sanitization or prepared statements, enabling attackers to read sensitive data from the database.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Lvzhou CMS 安全漏洞
Vulnerability Description
Lvzhou CMS(绿洲CMS)是wanliofficial个人开发者的一个内容管理系统。 Lvzhou CMS(绿洲CMS)存在安全漏洞,该漏洞源于ContentService中title参数未过滤直接拼接SQL查询,可能导致SQL注入攻击。
CVSS Information
N/A
Vulnerability Type
N/A