Submit #282039: Limbas Limbas 5.2.14 Blind SQL injection

Information

Title: Limbas Limbas 5.2.14 Blind SQL injection
Description: After logging in (default: admin/limbas), on the "/main_admin.php?action=setup_gtab_ftype&group_bzm=&tab_group=1&atid=2" page, the parameter "tab_group" has the risk of blind SQL injection. It is recommended to take defensive measures such as input validation or parameterized queries for SQL statements. Exploiting this vulnerability could enable an attacker to take control of the application, alter or access data, or leverage recent vulnerabilities present in the underlying database.
Source: https://github.com/liyako/vulnerability/blob/main/POC/Limbas-Blind-SQL-injection.md
User: cotool (UID 63610)
Submission: 14.02.2024 09:33 (2 years ago)
Moderation: 22.02.2024 20:02 (8 days later)
Status: Accepted
VulDB Entry: 254575 [Limbas 5.2.14 main_admin.php tab_group SQL injection]
Points: 20
