top of page
perceptive_background_267k.jpg

A security vulnerability has been detected in EyouCMS up to 1.7.9. The affected element is the function GetSortData of the file application/common.php. The mani…

Published:

28 april 2026 om 22:00:00

Alert date:

29 april 2026 om 17:02:35

Source:

nvd.nist.gov

Click to open the original link from this advisory

Web Technologies

A remote SQL injection vulnerability has been discovered in EyouCMS versions up to 1.7.9. The vulnerability exists in the GetSortData function within the application/common.php file, specifically through manipulation of the sort_asc argument. The attack can be initiated remotely and the exploit has been publicly disclosed. The project maintainers have been notified through an issue report but have not yet responded to address the security flaw.

Technical details

Mitigation steps:

Affected products:

EyouCMS

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-7389
https://gitee.com/weng_xianhu/eyoucms/issues/IILFPE
https://vuldb.com/submit/803103
https://vuldb.com/vuln/360114
https://vuldb.com/vuln/360114/cti

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Deze website toont informatie afkomstig van externe bronnen; Perceptive aanvaardt geen verantwoordelijkheid voor de juistheid, volledigheid of actualiteit van deze informatie.

bottom of page