| Titel | https://github.com/gongfuxiang/schoolcms schoolcms2.3.1 2.3.1 SQL injection |
|---|
| Beschreibung | This source code is developed using thinkphp 3.2.3 framework, There is a historical SQL injection vulnerability in the thinkphp3.2.3 framework,and if there are controllable variables in the find(), selete(), and delete() functions, there will be SQL injection,The variable id is a controllable variable |
|---|
| Quelle | ⚠️ https://github.com/adminnerr/cve/issues/1 |
|---|
| Benutzer | kai_kk (UID 85022) |
|---|
| Einreichung | 07.05.2025 08:49 (vor 1 Jahr) |
|---|
| Moderieren | 15.05.2025 18:14 (8 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 309105 [gongfuxiang schoolcms 2.3.1 index.php?m=Admin&c=article&a=SaveInfo ID SQL Injection] |
|---|
| Punkte | 18 |
|---|