Cmswing: >> Cmswing >> 1.3.8 Security Vulnerabilities
An issue was found in CMSWing project version 1.3.8. Because the log function does not check the log parameter, malicious parameters can execute arbitrary commands.
CVSS Score
9.8
EPSS Score
0.015
Published
2021-02-01
An issue was found in CMSWing project version 1.3.8. Because the updateAction function does not check the detail parameter, malicious parameters can execute arbitrary SQL commands.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-02-01
An issue was found in CMSWing project version 1.3.8, Because the rechargeAction function does not check the balance parameter, malicious parameters can execute arbitrary SQL commands.
CVSS Score
9.8
EPSS Score
0.005
Published
2021-02-01