Soumettre #204461: Background injection exists in lmxcmsinformation

TitreBackground injection exists in lmxcms
DescriptionVulnerability name: SQL injection vulnerability Bug description: in the application at http://127.0.0.1/lmxcms141/admin.php? An SQL injection vulnerability is present in m=Acquisi&a=caijiDataList&lid=. An attacker could exploit this vulnerability to perform malicious SQL queries, bypass authentication, access sensitive data, or perform malicious operations on a database. Affected version: Full version We can install the latest version of lmxcms, and then according to the above to repeat, log in the background and then input payload can be directly repeated, the use of difficulty is not high, it is recommended to use sqlmap to do so
La source⚠️ http://www.lmxcms.com/
Utilisateur
 yuanshen (UID 53971)
Soumission06/09/2023 10:08 (il y a 3 ans)
Modérer16/09/2023 08:47 (10 days later)
StatutAccepté
Entrée VulDB239858 [lmxcms jusqu’à 1.41 admin.php lid injection SQL]
Points17

PrécédentAperçuSuivant

Interested in the pricing of exploits?

See the underground prices here!