SQL Injection in DedeCMS 5.7 via logo parameter in plus/flink_add.php

SQL Injection in DedeCMS 5.7 via logo parameter in plus/flink_add.php

CVE-2017-17730 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

DedeCMS through 5.7 has SQL Injection via the logo parameter to plus/flink_add.php.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.