Critical severity9.8NVD Advisory· Published Apr 28, 2021· Updated Jun 17, 2026
CVE-2020-18020
CVE-2020-18020
Description
SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "user_phone" parameter of a crafted HTTP request to the "admin.php" component.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- PHPSHE/Mall Systemdescription
Patches
Vulnerability mechanics
References
1- gitee.com/koyshe/phpshe/issues/IQ8S8nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.