top of page
perceptive_background_267k.jpg

A security vulnerability has been detected in EyouCMS up to 1.7.9. The affected element is the function GetSortData of the file application/common.php. The mani…

Published:

28 April 2026 at 22:00:00

Alert date:

29 April 2026 at 22:05:38

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A SQL injection vulnerability has been discovered in EyouCMS versions up to 1.7.9. The vulnerability affects the GetSortData function in the application/common.php file, where manipulation of the sort_asc argument leads to SQL injection. The attack can be initiated remotely and the exploit has been publicly disclosed. The project maintainers were notified early but have not yet responded to the issue report.

Technical details

Mitigation steps:

Affected products:

EyouCMS

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7389
https://gitee.com/weng_xianhu/eyoucms/issues/IILFPE
https://vuldb.com/submit/803103
https://vuldb.com/vuln/360114
https://vuldb.com/vuln/360114/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page