2019-05-21 18:29:01 2019-05-21 20:09:57

sadmin/ceditpost.php in UCMS 1.4.7 allows SQL Injection via the index.php?do=sadmin_ceditpost cvalue parameter.