CVE-2018-14389

CVE-2018-14389

joyplus-cms 1.6.0 has SQL Injection via the manager/admin_ajax.php val parameter.

Source: CVE-2018-14389