SQL Injection Vulnerability in arcms through 2018-03-19
CVE-2018-19558 · HIGH Severity
AV:N/AC:L/AU:N/C:P/I:P/A:P
An issue was discovered in arcms through 2018-03-19. SQL injection exists via the json/newslist limit parameter because of ctl/main/Json.php, ctl/main/service/Data.php, and comp/Db/Mysql.php.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.