Submission #766141: https://github.com/TeamEasy/EasyCMS EasyCMS v1.6 SQL injection vulnerability

Information

Title: https://github.com/TeamEasy/EasyCMS EasyCMS v1.6 SQL injection vulnerability

Description: There exists a SQL injection vulnerability in the /RbacuserAction.class.php file of EasyCMS v1.6. This vulnerability is triggered when a user clicks Refresh on the backend user management page, because the system fails to effectively filter and validate the request parameter _order, allowing attackers to craft malicious request packets with injection markers to exploit the flaw. Verified via sqlmap, this vulnerability is of the time-based blind injection type and is compatible with MySQL ≥ 5.0.12 databases. Once exploited, it enables attackers to bypass authentication, steal, tamper with or delete sensitive data in the database, and even execute system commands to take control of the server. This will lead to severe security incidents such as data leakage and server compromise, posing an enormous threat to system security and data confidentiality.

Source: https://github.com/ueh1013/VULN/issues/20

User: 0xheeo (UID 85569)

Submitted: 24/02/2026 04:08 (2 months ago)

Moderated: 08/03/2026 08:03 (12 days later)

Status: Accepted

VulDB entry: 349753 [EasyCMS up to 1.6 Request Parameter RbacuserAction.class.php _order SQL Injection]

Points: 20
