| Titre | www.zzskzy.com Refined warehousing management system v1.3 RCE |
|---|
| Description | The code in the `ProcessRequest` method of the application lacks proper input validation, allowing for SQL Injection attacks which can lead to Remote Code Execution. |
|---|
| La source | ⚠️ https://github.com/Rain1er/report/blob/main/skWMX/5.md |
|---|
| Utilisateur | xiao9cc (UID 82206) |
|---|
| Soumission | 02/03/2025 10:49 (il y a 1 Année) |
|---|
| Modérer | 11/03/2025 16:07 (9 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 299289 [zzskzy Warehouse Refinement Management System 1.3 /getAdyData.ashx ProcessRequest showid injection SQL] |
|---|
| Points | 15 |
|---|