Enviar #262347: Cxbsoft UrlShorting ≤v1.3.1 SQL Injectioninformación

TítuloCxbsoft UrlShorting ≤v1.3.1 SQL Injection
DescripciónThe "UrlShorting" application contains a SQL Injection vulnerability in the /pages/short_to_long.php file, as identified by glzjin in versions up to and including v1.3.1. The flaw arises from the application's improper handling of the shorturl parameter, which is directly incorporated into the SQL query, thus allowing an attacker to execute arbitrary SQL commands by sending specially crafted POST requests, as exemplified by the provided malicious payload.
Fuente⚠️ https://note.zhaoj.in/share/Zezf8fmoq7lk
Usuario
 glzjin (UID 59815)
Sumisión2024-01-04 11:49 (hace 2 años)
Moderación2024-01-14 17:29 (10 days later)
EstadoAceptado
Entrada de VulDB250696 [CXBSoft Url-shorting hasta 1.3.1 HTTP POST Request /pages/short_to_long.php shorturl inyección SQL]
Puntos20

AnteriorVisión De ConjuntoPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!