CVE-2022-29667

Published May 26th, 2022

View on NVD ↗

CVSS v3

8.8

HIGH

CVSS v2

6.5

MEDIUM

Affected

PROJECT

Description

CSCMS Music Portal System v4.2 was discovered to contain a SQL injection vulnerability via /admin.php/pic/admin/pic/hy. This vulnerability is exploited via restoring deleted photos.

chshcms/cscms

基于CI框架开发的一套多元化产品

GitHub