Dedecms · Dedecms · CVE-2018-19061
**Name of the Vulnerable Software and Affected Versions**
DedeCMS version 5.7 SP2
**Description**
The issue is related to SQL Injection, which can be exploited via the `ids` parameter in the `dedeco do.php` file.
**Recommendations**
For DedeCMS version 5.7 SP2, consider restricting access to the `dedeco do.php` file or avoiding the use of the `ids` parameter until a fix is available.