SQL Injection in PHPSHE Mall System v1.7 allows remote attackers to execute arbitrary code by injecting SQL commands into the "user_phone" parameter of a crafted HTTP request to the "admin.php" component.
Metrics
Affected Vendors & Products
References
Link | Providers |
---|---|
https://gitee.com/koyshe/phpshe/issues/IQ8S8 |
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2021-04-28T13:22:47
Updated: 2024-08-04T14:00:49.018Z
Reserved: 2020-08-13T00:00:00
Link: CVE-2020-18020
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2021-04-28T14:15:07.550
Modified: 2021-05-05T20:25:20.740
Link: CVE-2020-18020
Redhat
No data.