High severity7.2NVD Advisory· Published Jan 11, 2019· Updated Jun 17, 2026
CVE-2019-6127
CVE-2019-6127
Description
An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via "INTO OUTFILE" with a .php filename.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1- github.com/Eas3n/Vulnerabilities/blob/master/XiaoCMS_20141229_GETSHELL.mdnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.