Submeter #266018: Taokeyun Taokeyun <=1.0.5 SQL Injectioninformação

TítuloTaokeyun Taokeyun <=1.0.5 SQL Injection
DescriçãoThe Taokeyun software, version 1.0.5 and below, suffers from a critical SQL Injection vulnerability in the file application/index/controller/app/Video.php. Specifically, the "index" function improperly handles user-supplied input in the 'cid' parameter, leading to potential manipulation of SQL queries. This flaw could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading to unauthorized access, data leakage, or other malicious activities.
Fonte⚠️ https://note.zhaoj.in/share/MuWxURhTIYTP
Utilizador
 glzjin (UID 59815)
Submissão11/01/2024 09h03 (há 2 anos)
Moderação12/01/2024 12h11 (1 day later)
EstadoAceite
Entrada VulDB250587 [Taokeyun até 1.0.5 HTTP POST Request Video.php index cid Injeção SQL]
Pontos20

VoltarVisão GeralPróximo

Want to know what is going to be exploited?

We predict KEV entries!