| 제목 | Taokeyun Taokeyun <=1.0.5 SQL Injection |
|---|
| 설명 | The Taokeyun software, version 1.0.5 and below, suffers from a critical SQL Injection vulnerability in the file application/index/controller/app/Video.php. Specifically, the "index" function improperly handles user-supplied input in the 'cid' parameter, leading to potential manipulation of SQL queries. This flaw could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading to unauthorized access, data leakage, or other malicious activities. |
|---|
| 원천 | ⚠️ https://note.zhaoj.in/share/MuWxURhTIYTP |
|---|
| 사용자 | glzjin (UID 59815) |
|---|
| 제출 | 2024. 01. 11. AM 09:03 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 01. 12. PM 12:11 (1 day later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 250587 [Taokeyun 까지 1.0.5 HTTP POST Request Video.php index cid SQL 주입] |
|---|
| 포인트들 | 20 |
|---|