CVE-2019-5488

EARCLINK ESPCMS-P8 has SQL injection in the install_pack/index.php?ac=Member&at=verifyAccount verify_key parameter. install_pack/espcms_public/espcms_db.php may allow retrieving sensitive information from the ESPCMS database.
References
Link Resource
http://www.iwantacve.cn/index.php/archives/108/ Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:earclink:espcms-p8:-:*:*:*:*:*:*:*

Information

Published : 2019-01-07 05:29

Updated : 2019-02-14 08:54


NVD link : CVE-2019-5488

Mitre link : CVE-2019-5488

Products Affected
No products.
CWE