| عنوان | cy-fast 1.0 SQL Injection |
|---|
| الوصف | The current version of cy-fast has an SQL injection vulnerability that allows attackers to execute SQL statements.
Due to the lack of comprehensive filtering of SQL statements, users can concatenate and execute unfiltered SQL functions.
the vulnerability hapens in SysUserController.java. |
|---|
| المصدر | ⚠️ https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli2.md |
|---|
| المستخدم | d3do (UID 79609) |
|---|
| ارسال | 06/01/2025 11:00 AM (1 سنة منذ) |
|---|
| الاعتدال | 08/01/2025 06:13 PM (2 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 290821 [leiyuxi cy-fast 1.0 /sys/user/listData order حقن SQL] |
|---|
| النقاط | 17 |
|---|