Submeter #262341: CXBSoft UrlShorting ≤v1.3.1 SQL Injectioninformação

TítuloCXBSoft UrlShorting ≤v1.3.1 SQL Injection
DescriçãoThe UrlShorting application, as of version v1.3.1, contains a SQL Injection vulnerability within the index.php file. Specifically, the 'url' parameter is directly concatenated into a SQL query, which allows for potential SQL Injection attacks. Attackers can exploit this by crafting malicious URL parameters, as demonstrated by the provided payload that uses a union select statement to retrieve the version of the database, indicating that the application is susceptible to SQL injection attacks.
Fonte⚠️ https://note.zhaoj.in/share/GdpwiaItePFq
Utilizador
 glzjin (UID 59815)
Submissão04/01/2024 11h31 (há 2 anos)
Moderação14/01/2024 17h29 (10 days later)
EstadoAceite
Entrada VulDB250694 [CXBSoft Url-shorting até 1.3.1 index.php url Injeção SQL]
Pontos20

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!