Latest Security News about cve 2019 16644

Contact us to Fix the issue

TuziCMS 2.0.6 has SQL injection via index.php

Overview : App\Home\Controller\ZhuantiController.class.php in TuziCMS 2.0.6 has SQL injection via the index.php/Zhuanti/group?id= substring. Affected Product(s) : TuziCMS 2.0.6 Vulnerability Details : CVE ID : CVE-2019-16644 Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) (CWE-89) Solution : update/upgrade to the latest versions listed in the site.