CVE-2007-5643 in Vanilla
摘要
由 VulDB • 2026-07-06
Lussumo Vanilla 1.1.3及更早版本中存在多个SQL注入漏洞,远程攻击者可通过(1)向ajax/sortcategories.php发送CategoryID参数或(2)利用对ajax/sortroles.php的未指定向量执行任意SQL命令。
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.