CVE-2020-23966

Published May 8th, 2023

View on NVD ↗

CVSS v3

9.8

CRITICAL

CVSS v2

N/A

Affected

PROJECT

Description

SQL Injection vulnerability in victor cms 1.0 allows attackers to execute arbitrary commands via the post parameter to /post.php in a crafted GET request.

VictorAlagwu/CMSsite

A Simple Content Management System-Coded Using Mostly Procedural Programming Style in PHP

GitHub