An issue was discovered in Waimai Super Cms 20150505. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
SQLi
PHP
Waimai Super Cms
NVD
GitHub
CVSS 3.0
9.8
EPSS
1.1%
inxedu through 2018-12-24 has a SQL Injection vulnerability that can lead to information disclosure via the deleteFaveorite/ PATH_INFO. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
SQLi
Java
Information Disclosure
Inxedu
NVD
CVSS 3.0
9.8
EPSS
1.5%