Time-Based SQL Injection in Waimai Super Cms 20150505

Time-Based SQL Injection in Waimai Super Cms 20150505

CVE-2019-7585 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

An issue was discovered in Waimai Super Cms 20150505. web/Lib/Action/PublicAction.class.php allows time-based SQL Injection via the param array parameter to the /index.php?m=public&a=checkemail URI.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.