| عنوان | Taokeyun Taokeyun <=1.0.5 SQL Injection |
|---|
| الوصف | The Taokeyun software, version 1.0.5 and below, suffers from a critical SQL Injection vulnerability in the file application/index/controller/app/Video.php. Specifically, the "index" function improperly handles user-supplied input in the 'cid' parameter, leading to potential manipulation of SQL queries. This flaw could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading to unauthorized access, data leakage, or other malicious activities. |
|---|
| المصدر | ⚠️ https://note.zhaoj.in/share/MuWxURhTIYTP |
|---|
| المستخدم | glzjin (UID 59815) |
|---|
| ارسال | 11/01/2024 09:03 AM (2 سنوات منذ) |
|---|
| الاعتدال | 12/01/2024 12:11 PM (1 day later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 250587 [Taokeyun حتى 1.0.5 HTTP POST Request Video.php index cid حقن SQL] |
|---|
| النقاط | 20 |
|---|