Submit #266018: Taokeyun Taokeyun <=1.0.5 SQL Injectioninfo

TitelTaokeyun Taokeyun <=1.0.5 SQL Injection
BeschreibungThe Taokeyun software, version 1.0.5 and below, suffers from a critical SQL Injection vulnerability in the file application/index/controller/app/Video.php. Specifically, the "index" function improperly handles user-supplied input in the 'cid' parameter, leading to potential manipulation of SQL queries. This flaw could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading to unauthorized access, data leakage, or other malicious activities.
Quelle⚠️ https://note.zhaoj.in/share/MuWxURhTIYTP
Benutzer
 glzjin (UID 59815)
Einreichung11.01.2024 09:03 (vor 2 Jahren)
Moderieren12.01.2024 12:11 (1 day later)
StatusAkzeptiert
VulDB Eintrag250587 [Taokeyun bis 1.0.5 HTTP POST Request Video.php index cid SQL Injection]
Punkte20

ZurückÜbersichtWeiter

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!