Vulnerabilities > Phpkaiyuancms

DATE CVE VULNERABILITY TITLE RISK
2018-08-31 CVE-2018-16278 SQL Injection vulnerability in PHPkaiyuancms PHPopensourcecms 3.2.0
phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir parameter.
network
low complexity
phpkaiyuancms CWE-89
7.5