SQL Injection in Wuzhi CMS v4.1.0 allows remote malicious users to obtain sensitive information via the 'flag' parameter in the component '/coreframe/app/order/admin/index.php'.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wuzhicms wuzhicms 4.1.0 |