CVE-2023-26813

Published
View on NVD ↗
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT

Description

SQL injection vulnerability in com.xnx3.wangmarket.plugin.dataDictionary.controller.DataDictionaryPluginController.java in wangmarket CMS 4.10 allows remote attackers to run arbitrary SQL commands via the TableName parameter to /plugin/dataDictionary/tableView.do.

xnx3/wangmarket
xnx3/wangmarket
系统成熟、流程完善、细节精致、使用简单。极低的成本投入,30秒安装部署,选好模版一键导入。最快出网站,最快赚到钱。网市场云建站系统,历经8年,不断完善,拒绝半成品!
GitHubGitHub
341