waimairenCMS up to 9.0 sql injection

A vulnerability was found in waimairenCMS up to 9.0. It has been declared as critical. This vulnerability affects an unknown function. Upgrading to version 9.1 eliminates this vulnerability.

Field05/12/2022 12:46 PM05/14/2022 03:52 PM
namewaimairenCMSwaimairenCMS
version<=9.0<=9.0
cwe89 (sql injection)89 (sql injection)
risk22
cvss3_vuldb_avNN
cvss3_vuldb_acLL
cvss3_vuldb_prLL
cvss3_vuldb_uiNN
cvss3_vuldb_sUU
cvss3_vuldb_cLL
cvss3_vuldb_iLL
cvss3_vuldb_aLL
cvss3_vuldb_rlOO
cvss3_vuldb_rcCC
urlhttps://www.yuque.com/docs/share/6a504753-caa2-4b5e-95a7-a3e5f9485e44https://www.yuque.com/docs/share/6a504753-caa2-4b5e-95a7-a3e5f9485e44
nameUpgradeUpgrade
upgrade_version9.19.1
cveCVE-2022-30451CVE-2022-30451
cve_assigned16520472001652047200
date1652306400 (05/12/2022)1652306400 (05/12/2022)
cvss2_vuldb_avNN
cvss2_vuldb_acLL
cvss2_vuldb_ciPP
cvss2_vuldb_iiPP
cvss2_vuldb_aiPP
cvss2_vuldb_rcCC
cvss2_vuldb_rlOFOF
cvss2_vuldb_auSS
cvss2_vuldb_eNDND
cvss3_vuldb_eXX
cvss2_vuldb_basescore6.56.5
cvss2_vuldb_tempscore5.75.7
cvss3_vuldb_basescore6.36.3
cvss3_vuldb_tempscore6.06.0
cvss3_meta_basescore6.36.3
cvss3_meta_tempscore6.06.0
price_0day$0-$5k$0-$5k
cve_nvd_summaryAn authenticated user could execute code via a SQLi vulnerability in waimairenCMS before version 9.1.

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!