2021-12-03 21:15:00 2021-12-06 20:10:00

SQL Injection vulnerability exists in TuziCMS v2.0.6 via the id parameter in App\Manage\Controller\DownloadController.class.php.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

PARTIAL

Availability

PARTIAL
Advisory Patch Confirmed Link
https://github.com/yeyinshi/tuzicms/issues/8