SQL Injection vulnerability in eyoucms cms v1.4.7, allows attackers to execute arbitrary code and disclose sensitive information, via the tid parameter to index.php.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-24000
Reference (s):
- https://github.com/eyoucms/eyoucms/issues/13