| Titel | otcms otcms v7.01 sql injection |
|---|
| Beschreibung | 1. Database information leakage: Disclosure of users' privacy information stored in the database. 2. Web tamper: Tamper with a specific web page by manipulating the database. 3. The website is suspended, spreading malware: modify the value of some fields of the database, insert the network horse link, and mount the horse attack. 4. The database was maliciously manipulated: the database server was attacked and the system administrator account of the database was tampered with. 5. The server is remotely controlled: A backdoor is installed. Operating system support via a database server allows hackers to modify or control the operating system. 6. Damage the hard disk data and crash the whole system.
|
|---|
| Quelle | ⚠️ https://github.com/Num-Nine/CVE/issues/8 |
|---|
| Benutzer | wuguanfengyue (UID 52312) |
|---|
| Einreichung | 11.12.2023 10:52 (vor 3 Jahren) |
|---|
| Moderieren | 13.12.2023 13:23 (2 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 247908 [OTCMS 7.01 /admin/ind_backstage.php sqlContent SQL Injection] |
|---|
| Punkte | 20 |
|---|