CVE-2020-18877

Publication date

2021-08-20 13:20:04

Family

mitre

State

PUBLISHED

Description

SQL Injection in Wuzhi CMS v4.1.0 allows remote attackers to obtain sensitive information via the flag parameter in the component /coreframe/app/order/admin/index.php.