2021-01-22 08:30:20
twcert
PUBLISHED
Hyweb HyCMS-J1s API fail to filter POST request parameters. Remote attackers can inject SQL syntax and execute commands without privilege.