Vulnerabilities > Phpkaiyuancms

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-31	CVE-2018-16278	SQL Injection vulnerability in PHPkaiyuancms PHPopensourcecms 3.2.0 phpkaiyuancms PhpOpenSourceCMS (POSCMS) V3.2.0 allows an unauthenticated user to execute arbitrary SQL commands via the diy/module/member/controllers/Api.php ajax_save_draft function with the dir parameter. network low complexity phpkaiyuancms CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.

Vulnerabilities > Phpkaiyuancms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Phpkaiyuancms"}]}

Vulnerabilities > Phpkaiyuancms