Submeter #475302: cy-fast 1.0 SQL Injectioninformação

Títulocy-fast 1.0 SQL Injection
DescriçãoThe current version of cy-fast has an SQL injection vulnerability that allows attackers to execute SQL statements. Due to the lack of comprehensive filtering of SQL statements, users can concatenate and execute unfiltered SQL functions. the vulnerability hapens in SysUserController.java.
Fonte⚠️ https://github.com/d3do-23/cvelist/blob/main/cy-fast/sqli2.md
Utilizador
 d3do (UID 79609)
Submissão06/01/2025 11h00 (há 1 Ano)
Moderação08/01/2025 18h13 (2 days later)
EstadoAceite
Entrada VulDB290821 [leiyuxi cy-fast 1.0 /sys/user/listData order Injeção SQL]
Pontos17

Want to stay up to date on a daily basis?

Enable the mail alert feature now!