First published: Wed Jun 02 2021(Updated: )
FDCMS (aka Fangfa Content Management System) 4.0 contains a front-end SQL injection via Admin/Lib/Action/FloginAction.class.php.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Fangfa Fdcms | =4.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2020-35441 is a front-end SQL injection vulnerability in FDCMS (aka Fangfa Content Management System) version 4.0.
CVE-2020-35441 has a severity rating of 9.8 (critical).
CVE-2020-35441 affects FDCMS version 4.0, allowing attackers to perform front-end SQL injection via Admin/Lib/Action/FloginAction.class.php.
At the moment, there is no known fix for CVE-2020-35441. It is recommended to update to a newer version of FDCMS when a fix becomes available.
You can find more information about CVE-2020-35441 at the following reference: http://www.ttk7.cn/post-141.html