| Título | SUL1SS_shop Order.php keyword parameter SQLi |
|---|
| Descrição | The SUL1SS_shop system is a store application developed based on the ThinkPHP5 framework.
The Order page query function in the background of this system has a SQL Boolean blind injection caused by a keyword parameter (login to the system is required),
(https://github.com/617746883/thinkphp5.0_shop)
Operations on keyword parameters cause SQL injection vulnerabilities,
Will cause some unknown hazards.
Authenticate with sqlmap (requires login for cookies to work)
Specific content (utilization examples) need to view the link |
|---|
| Fonte | ⚠️ https://tib36.github.io/2023/03/04/SUL1SS-shop-SQLi/ |
|---|
| Utilizador | nokali (UID 42250) |
|---|
| Submissão | 04/03/2023 14h21 (há 3 anos) |
|---|
| Moderação | 08/03/2023 19h00 (4 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 222599 [SUL1SS_shop Order.php keyword Injeção SQL] |
|---|
| Pontos | 20 |
|---|