CVE-2018-17048by Jeremyin Security Bulletinson Posted on May 16, 2019 admin/Lib/Action/FpluginAction.class.php in FDCMS (aka Fangfa Content Manage System) 4.2 allows SQL Injection.