إرسال #475302: cy-fast 1.0 SQL Injectionالمعلومات

عنوانcy-fast 1.0 SQL Injection
الوصفThe current version of cy-fast has an SQL injection vulnerability that allows attackers to execute SQL statements. Due to the lack of comprehensive filtering of SQL statements, users can concatenate and execute unfiltered SQL functions. the vulnerability hapens in SysUserController.java.
المصدر⚠️ https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli2.md
المستخدم
 d3do (UID 79609)
ارسال06/01/2025 11:00 AM (1 سنة منذ)
الاعتدال08/01/2025 06:13 PM (2 days later)
الحالةتمت الموافقة
إدخال VulDB290821 [leiyuxi cy-fast 1.0 /sys/user/listData order حقن SQL]
النقاط17

Do you know our Splunk app?

Download it now for free!