| 제목 | fastcms v0.1.5 SQL injection vulnerability |
|---|
| 설명 | The `client/article/list` interface of fastcms_v0.1.5 contains a SQL injection vulnerability. Attackers can exploit this vulnerability by constructing special SQL statements through the `orderBy` parameter, achieving the effect of SQL time-based blind injection, and thereby stealing sensitive information from the database. |
|---|
| 원천 | ⚠️ https://github.com/IceFoxH/VULN/issues/8 |
|---|
| 사용자 | icefoxh (UID 82165) |
|---|
| 제출 | 2025. 03. 11. AM 07:48 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 03. 21. AM 08:18 (10 days later) |
|---|
| 상태 | 중복 |
|---|
| VulDB 항목 | 300577 [FastCMS 까지 0.1.5 /api/client/article/list orderBy SQL 주입] |
|---|
| 포인트들 | 0 |
|---|