| 제목 | HuangDou UTCMS V9 Execute any SQL statement |
|---|
| 설명 | In the sql.php page, users can execute SQL query statements, but no results will be displayed. The problem is that there is no parameter filtering, and attackers can execute SELECT, CREATE, INSERT and other statements after logging into the backend. |
|---|
| 원천 | ⚠️ https://github.com/DeepMountains/zzz/blob/main/CVE5-3.md |
|---|
| 사용자 | chenzijie0619 (UID 74657) |
|---|
| 제출 | 2024. 10. 06. AM 04:51 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 10. 12. PM 06:16 (7 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 280246 [HuangDou UTCMS V9 sql.php RunSql sql SQL 주입] |
|---|
| 포인트들 | 16 |
|---|