إرسال #34: CMS Web-Gooroo <= 1.141 SQL Injectionالمعلومات

عنوانCMS Web-Gooroo <= 1.141 SQL Injection
الوصفSQL injection vulnerability in /wbg/core/_includes/authorization.inc.php in CMS Web-Gooroo allows remote attackers to execute arbitrary SQL commands via the wbg_login parameter. Thus it's possible to bypass the authorization procedure and gain access to the administrative panel. This vulnerability is handled as CVE 2017-18346 since 26/08/2018.
المصدر⚠️ https://www.exploit-db.com/exploits/42577/
المستخدم
 Kaimi (UID 1264)
ارسال28/08/2018 10:43 AM (8 سنوات منذ)
الاعتدال28/08/2018 12:50 PM (2 hours later)
الحالةتمت الموافقة
إدخال VulDB123295 [CMS Web-Gooroo حتى 1.140 authorization.inc.php wbg_login حقن SQL]
النقاط19

التالي نظرة عامة السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!