VYPR
Critical severity9.8NVD Advisory· Published Feb 12, 2018· Updated Jun 17, 2026

CVE-2018-6893

CVE-2018-6893

Description

controllers/member/Api.php in dayrui FineCms 5.2.0 has SQL Injection: a request with s=member,c=api,m=checktitle, and the parameter 'module' with a SQL statement, lacks effective filtering.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.