CVE-2018-7269

Posted on by admin

CVE-2018-7269

The findByCondition function in framework/db/ActiveRecord.php in Yii 2.x before 2.0.15 allows remote attackers to conduct SQL injection attacks via a findOne() or findAll() call, unless a developer recognizes an undocumented need to sanitize array input.

Source: CVE-2018-7269

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다