Critical severity9.8NVD Advisory· Published Feb 12, 2018· Updated Jun 17, 2026
CVE-2018-6893
CVE-2018-6893
Description
controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: a request with s=member,c=api,m=checktitle, and the parameter 'module' with a SQL statement, lacks effective filtering.
Affected products
2= 5.2.0+ 1 more
- (no CPE)range: = 5.2.0
- (no CPE)range: =5.2.0
Patches
Vulnerability mechanics
References
1- xianzhi.aliyun.com/forum/topic/2050nvdBroken Link
News mentions
0No linked articles in our index yet.