CVE-2020-18746

SQL Injection in AiteCMS v1.0 allows remote attackers to execute arbitrary code via the component «aitecms/login/diy_list.php».