Submit #266018: Taokeyun Taokeyun <=1.0.5 SQL Injectioninfo

TitleTaokeyun Taokeyun <=1.0.5 SQL Injection
DescriptionThe Taokeyun software, version 1.0.5 and below, suffers from a critical SQL Injection vulnerability in the file application/index/controller/app/Video.php. Specifically, the "index" function improperly handles user-supplied input in the 'cid' parameter, leading to potential manipulation of SQL queries. This flaw could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading to unauthorized access, data leakage, or other malicious activities.
Source⚠️ https://note.zhaoj.in/share/MuWxURhTIYTP
User
 glzjin (UID 59815)
Submission01/11/2024 09:03 (2 years ago)
Moderation01/12/2024 12:11 (1 day later)
StatusAccepted
VulDB entry250587 [Taokeyun up to 1.0.5 HTTP POST Request Video.php index cid sql injection]
Points20

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!