제출 #71150: tuziCMS 2.0.6 App\Manage\Controller\ArticleController.class.php has SQLinject정보

제목tuziCMS 2.0.6 App\Manage\Controller\ArticleController.class.php has SQLinject
설명hello, i am a newcomer. First submission vulnerability. A vulnerability classified as serious was found. The article module does not filter the id parameter. Causes a SQL injection vulnerability.It can query sensitive data, operate database and other hazards. code: \App\Manage\Controller\ArticleController.class.php line: 18 - 22 public function index(){ C('TOKEN_ON',false);//关闭表单令牌 //查询指定id的栏目信息 $id=I('get.id');//类别ID $topcate=M('Column')->where("id=$id")->order('column_sort')->select(); // dump($topcate); // exit; POC: http: //127.0.0.1/tuzicms/index.php/Manage/Article/index/id/1 and (extractvalue(1,concat(0x7e,(select user()),0x7e)))
원천⚠️ https://github.com/yeyinshi/tuzicms/issues/12
사용자
 Evilmu1 (UID 38763)
제출2023. 01. 12. AM 04:47 (3 연령 ago)
모더레이션2023. 01. 12. PM 03:46 (11 hours later)
상태수락
VulDB 항목218151 [TuziCMS 2.0.6 Article ArticleController.class.php index 아이디 SQL 주입]
포인트들20

이전개요다음

Do you need the next level of professionalism?

Upgrade your account now!