CVE-2018-14472

An issue was discovered in WUZHI CMS 4.1.0. The vulnerable file is coreframe/app/order/admin/goods.php. The $keywords parameter is taken directly into execution without any filtering, leading to SQL injection.
References
Link Resource
https://github.com/wuzhicms/wuzhicms/issues/144 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:wuzhicms:wuzhicms:4.1.0:*:*:*:*:*:*:*

Information

Published : 2018-07-20 04:29

Updated : 2018-09-14 02:03


NVD link : CVE-2018-14472

Mitre link : CVE-2018-14472

Products Affected
No products.
CWE