Submit #469226: ZeroWdd myblog 1.0 sql injectinfo

Titel	ZeroWdd myblog 1.0 sql inject
Beschreibung	The keyword parameters for findBlogList and getTotalBlogs in src/main/resources/mapper/BlogMapper.xml are injected, allowing attackers to inject SQL without authorization
Quelle	⚠️ https://github.com/ZeroWdd/myblog/issues/2
Benutzer	LVZC1 (UID 76422)
Einreichung	26.12.2024 15:27 (vor 1 Jahr)
Moderieren	08.01.2025 13:05 (13 days later)
Status	Akzeptiert
VulDB Eintrag	290782 [ZeroWdd myblog 1.0 BlogMapper.xml findBlogList/getTotalBlogs erweiterte Rechte]
Punkte	15

Do you need the next level of professionalism?

Upgrade your account now!