Submit #475302: cy-fast 1.0 SQL Injectioninfo

Titelcy-fast 1.0 SQL Injection
BeschreibungThe current version of cy-fast has an SQL injection vulnerability that allows attackers to execute SQL statements. Due to the lack of comprehensive filtering of SQL statements, users can concatenate and execute unfiltered SQL functions. the vulnerability hapens in SysUserController.java.
Quelle⚠️ https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli2.md
Benutzer
 d3do (UID 79609)
Einreichung06.01.2025 11:00 (vor 1 Jahr)
Moderieren08.01.2025 18:13 (2 days later)
StatusAkzeptiert
VulDB Eintrag290821 [leiyuxi cy-fast 1.0 /sys/user/listData order SQL Injection]
Punkte17

Interested in the pricing of exploits?

See the underground prices here!