SQL Injection Vulnerability in S-CMS V3.0 via S_id Parameter
CVE-2018-20018 · MEDIUM Severity
AV:N/AC:L/AU:N/C:P/I:N/A:N
S-CMS V3.0 has SQL injection via the S_id parameter, as demonstrated by the /1/?type=productinfo&S_id=140 URI.
Learn more about our Cis Benchmark Audit For Microsoft Sql Server.