| عنوان | Tim Campus Confession Wall SQL injection exists |
|---|
| الوصف | Tim Campus Confession Wall SQL injection exists
Program download address:https://asj.lanzoui.com/i0nTFvu2m9e?w
Building environment:
phpstudy
php-5.4.5
windows10
Vulnerability file:
share.php
The GET method receives the value passed from the ID and sends it to the test_ Input method to process
In test_ The input method contains three functions. Trim removes the left and right spaces
Stripslashes Remove backslashes
The htmlspecialchars function is an html materialized escape
Then it is brought into the database to execute queries, and no filtering of injection vulnerabilities is performed in the process.
Vulnerability recurrence:
Vulnerability Reference Link
https://github.com/whiex/-Tim-Campus-Confession-Wall/blob/main/Tim%20Campus%20Confession%20Wall%20SQL%20injection%20exists.docx
|
|---|
| المصدر | ⚠️ https://github.com/whiex/-Tim-Campus-Confession-Wall |
|---|
| المستخدم | s7eyd7 (UID 30723) |
|---|
| ارسال | 01/11/2022 03:19 AM (4 سنوات منذ) |
|---|
| الاعتدال | 01/11/2022 02:22 PM (11 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 212611 [Tim Campus Confession Wall share.php post_id حقن SQL] |
|---|
| النقاط | 20 |
|---|