CVE-2021-46458

Name of the Vulnerable Software and Affected Versions Victor CMS version 1.0

Description The issue is related to a SQL injection vulnerability in the admin/posts.php component, specifically when the source parameter is set to add post. This vulnerability can be exploited through a crafted POST request via the post title parameter.

Recommendations For Victor CMS version 1.0, as a temporary workaround, consider restricting access to the admin/posts.php component, specifically when the source parameter is set to add post, until a patch is available. Avoid using the post title parameter in the affected component to minimize the risk of exploitation.