CVE-2020-18913

EARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcms_web/Search.php component via the attr_array parameter. This vulnerability allows attackers to access sensitive database information. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt