All Products
Document Center

[Vulnerability notice] Web SQL injection vulnerability in FineCMS

Last Updated: Nov 14, 2017


FineCMS is a popular website content management system.

However, FineCMS does not impose strict filtering policies for some parameters, allowing attackers to construct a malicious request to start web SQL injection attacks on the website, and further steal the website data or break into the server.

Affected versions

All versions of FineCMS


  • Use Alibaba Cloud Security Web Application Firewall service to intercept the attacking code for this vulnerability.

  • Stay tuned with the latest patches released on the FineCMS official website.