CVE-2024-25428 Information

Description

SQL Injection vulnerability in MRCMS v3.1.2 allows attackers to run arbitrary system commands via the status parameter.

Reference

https://github.com/wuweiit/mushroom/issues/19