Vulnerabilities > Wang Market > Wangmarket CMS > 4.10

DATE CVE VULNERABILITY TITLE RISK
2023-04-28 CVE-2023-26813 SQL Injection vulnerability in Wang.Market Wangmarket CMS 4.10
SQL injection vulnerability in com.xnx3.wangmarket.plugin.dataDictionary.controller.DataDictionaryPluginController.java in wangmarket CMS 4.10 allows remote attackers to run arbitrary SQL commands via the TableName parameter to /plugin/dataDictionary/tableView.do.
network
low complexity
wang-market CWE-89
critical
 9.8
9.8