VYPR
High severity7.2NVD Advisory· Published Jan 11, 2019· Updated Jun 17, 2026

CVE-2019-6127

CVE-2019-6127

Description

An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via "INTO OUTFILE" with a .php filename.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

1

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.