CWE-89

Luocms v2.0 is affected by SQL Injection through /admin/login.php. An attacker can log in to the background through SQL injection statements.

Luocms v2.0 is affected by SQL Injection in /admin/manager/admin_mod.php. An attacker can obtain sensitive information through SQL injection statements.

Luocms v2.0 is affected by SQL Injection in /admin/news/news_mod.php.

Luocms v2.0 is affected by SQL Injection in /admin/news/sort_mod.php.

Luocms v2.0 is affected by SQL Injection in /admin/link/link_mod.php.

Luocms v2.0 is affected by SQL Injection in /admin/link/link_ok.php.