• caglararli@hotmail.com
  • 05386281520

CVE-2024-2015 | ZhiCms 4.0 mcontroller.php getindexdata key sql injection

Çağlar Arlı      -    21 Views

CVE-2024-2015 | ZhiCms 4.0 mcontroller.php getindexdata key sql injection

A vulnerability, which was classified as critical, has been found in ZhiCms 4.0. This issue affects the function getindexdata of the file app/index/controller/mcontroller.php. The manipulation of the argument key leads to sql injection. The identification of this vulnerability is CVE-2024-2015. The attack may be initiated remotely. Furthermore, there is an exploit available.