edit-icon download-icon

[Vulnerability notice] Web SQL injection vulnerability in FineCMS

Last Updated: Nov 14, 2017

Description

FineCMS is a popular website content management system.

However, FineCMS does not impose strict filtering policies for some parameters, allowing attackers to construct a malicious request to start web SQL injection attacks on the website, and further steal the website data or break into the server.

Affected versions

All versions of FineCMS

Fix

  • Use Alibaba Cloud Security Web Application Firewall service to intercept the attacking code for this vulnerability.

  • Stay tuned with the latest patches released on the FineCMS official website.

Thank you! We've received your feedback.