Submeter #266022: Taokeyun Taokeyun <=1.0.5 SQL Injectioninformação

TítuloTaokeyun Taokeyun <=1.0.5 SQL Injection
DescriçãoThe application Taokeyun, version 1.0.5 and earlier, has a SQL Injection vulnerability in the file application/index/controller/app/Task.php, specifically in the 'index' function. This flaw allows an attacker to manipulate the 'cid' input parameter, enabling them to execute arbitrary SQL commands, such as causing a delay in the database response using the 'sleep' function, thus potentially leading to unauthorized data access or manipulation.
Fonte⚠️ https://note.zhaoj.in/share/dm5VSyxmQIdl
Utilizador
 glzjin (UID 59815)
Submissão11/01/2024 09h19 (há 2 anos)
Moderação12/01/2024 12h11 (1 day later)
EstadoAceite
Entrada VulDB250588 [Taokeyun até 1.0.5 HTTP POST Request Task.php index cid Injeção SQL]
Pontos20

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!