| عنوان | 广州图创计算机软件开发有限公司 Interlib <=V 2.0.1 SQL injection |
|---|
| الوصف | Guangzhou Tuchuang Computer Software Development Co., Ltd. is a high-tech enterprise that integrates product research and development, application integration, and customer service. Its main goal is to provide high-quality application software system design, integration, and maintenance services to users in the library industry.
The /interlib/order/BatchOrder module in the Interlib Library Cluster Automation Management System V2.0.1 (referred to as "Interlib V2.0.1") contains a SQL injection vulnerability. Due to the module's failure to properly filter or validate user input SQL statements, attackers can construct malicious SQL statements to execute unauthorized database queries. Unauthenticated attackers can exploit this vulnerability to access sensitive information in the database, such as library configuration information and user data.
PR:H |
|---|
| المصدر | ⚠️ https://wiki.shikangsi.com/post/share/9dbc9639-ee9d-4328-9ed2-bc1bfbb2e741 |
|---|
| المستخدم | wiki (UID 72124) |
|---|
| ارسال | 30/10/2024 10:52 AM (2 سنوات منذ) |
|---|
| الاعتدال | 06/11/2024 09:31 PM (7 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 283366 [Guangzhou Tuchuang Computer Software Development Interlib Library Cluster Automation Management System حقن SQL] |
|---|
| النقاط | 20 |
|---|