제출 #114045: SQL injection vulnerability exists in Video Sharing Website정보

제목SQL injection vulnerability exists in Video Sharing Website
설명SQL injection vulnerability exists in email parameter of admin_class.php file of Video Sharing Website Important user data or system data may be leaked and system security may be compromised The environment is secure and the information can be used by malicious users. When visit ajax.php and action parameter is ‘login’,it will include admin_class.php,and email parameter can do sql injection. Payload: email=0'XOR(if(now()=sysdate(),sleep(1),0))XOR'Z' AND (SELECT 1067 FROM (SELECT(SLEEP(5)))ygqa) AND 'Kaxl'='Kaxl
원천⚠️ https://github.com/E1CHO/cve_hub/blob/main/Video%20Sharing%20Website/Video%20Sharing%20Website%20vuln%202.pdf
사용자
 SSL_Seven_Security Lab_WangZhiQiang_ZhangYing (UID 41874)
제출2023. 04. 14. AM 06:10 (3 연령 ago)
모더레이션2023. 04. 14. AM 08:22 (2 hours later)
상태수락
VulDB 항목225916 [Campcodes Video Sharing Website 1.0 admin_class.php email SQL 주입]
포인트들20

이전개요다음

Interested in the pricing of exploits?

See the underground prices here!