| Titel | Chanjet Smooth T+system V3.5 SQL Injection |
|---|
| Beschreibung | Due to the lack of filtering and verification of user input at the keyEdit.aspx interface of Changjietong T+, unauthenticated attackers can not only exploit SQL injection vulnerabilities to obtain information from the database (such as administrator backend passwords, user personal information of the site), but even write Trojans to the server in high permission situations to further gain server system privileges. |
|---|
| Quelle | ⚠️ https://github.com/vulreport3r/cve-reports/blob/main/There_is_a_SQL_injection_vulnerability_in_the_Changjietong_T%2Bsystem/report.md |
|---|
| Benutzer | Zhou Jiaming (UID 69510) |
|---|
| Einreichung | 27.05.2024 12:08 (vor 2 Jahren) |
|---|
| Moderieren | 05.06.2024 17:44 (9 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 267185 [Chanjet Smooth T+system 3.5 keyEdit.aspx KeyID SQL Injection] |
|---|
| Punkte | 19 |
|---|