Invia #475302: cy-fast 1.0 SQL Injectioninformazioni

Titolocy-fast 1.0 SQL Injection
DescrizioneThe current version of cy-fast has an SQL injection vulnerability that allows attackers to execute SQL statements. Due to the lack of comprehensive filtering of SQL statements, users can concatenate and execute unfiltered SQL functions. the vulnerability hapens in SysUserController.java.
Fonte⚠️ https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli2.md
Utente
 d3do (UID 79609)
Sottomissione06/01/2025 11:00 (1 Anno fa)
Moderazione08/01/2025 18:13 (2 days later)
StatoAccettato
Voce VulDB290821 [leiyuxi cy-fast 1.0 /sys/user/listData order iniezione SQL]
Punti17

Want to know what is going to be exploited?

We predict KEV entries!