Public CVE-2018-16715 disclosure

An issue is discovered in baijiacms V4. Blind SQL Injection exists via the order parameter in an index.php?act=index request.