| 제목 | Tim Campus Confession Wall SQL injection exists |
|---|
| 설명 | Tim Campus Confession Wall SQL injection exists
Program download address:https://asj.lanzoui.com/i0nTFvu2m9e?w
Building environment:
phpstudy
php-5.4.5
windows10
Vulnerability file:
share.php
The GET method receives the value passed from the ID and sends it to the test_ Input method to process
In test_ The input method contains three functions. Trim removes the left and right spaces
Stripslashes Remove backslashes
The htmlspecialchars function is an html materialized escape
Then it is brought into the database to execute queries, and no filtering of injection vulnerabilities is performed in the process.
Vulnerability recurrence:
Vulnerability Reference Link
https://github.com/whiex/-Tim-Campus-Confession-Wall/blob/main/Tim%20Campus%20Confession%20Wall%20SQL%20injection%20exists.docx
|
|---|
| 원천 | ⚠️ https://github.com/whiex/-Tim-Campus-Confession-Wall |
|---|
| 사용자 | s7eyd7 (UID 30723) |
|---|
| 제출 | 2022. 11. 01. AM 03:19 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 11. 01. PM 02:22 (11 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 212611 [Tim Campus Confession Wall share.php post_id SQL 주입] |
|---|
| 포인트들 | 20 |
|---|