| Title | otcms otcms v7.01 sql injection |
|---|
| Description | 1. Database information leakage: Disclosure of users' privacy information stored in the database. 2. Web tamper: Tamper with a specific web page by manipulating the database. 3. The website is suspended, spreading malware: modify the value of some fields of the database, insert the network horse link, and mount the horse attack. 4. The database was maliciously manipulated: the database server was attacked and the system administrator account of the database was tampered with. 5. The server is remotely controlled: A backdoor is installed. Operating system support via a database server allows hackers to modify or control the operating system. 6. Damage the hard disk data and crash the whole system.
|
|---|
| Source | ⚠️ https://github.com/Num-Nine/CVE/issues/8 |
|---|
| User | wuguanfengyue (UID 52312) |
|---|
| Submission | 12/11/2023 10:52 (3 years ago) |
|---|
| Moderation | 12/13/2023 13:23 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 247908 [OTCMS 7.01 /admin/ind_backstage.php sqlContent sql injection] |
|---|
| Points | 20 |
|---|