Submit #266022: Taokeyun Taokeyun <=1.0.5 SQL Injectioninfo

TitleTaokeyun Taokeyun <=1.0.5 SQL Injection
DescriptionThe application Taokeyun, version 1.0.5 and earlier, has a SQL Injection vulnerability in the file application/index/controller/app/Task.php, specifically in the 'index' function. This flaw allows an attacker to manipulate the 'cid' input parameter, enabling them to execute arbitrary SQL commands, such as causing a delay in the database response using the 'sleep' function, thus potentially leading to unauthorized data access or manipulation.
Source⚠️ https://note.zhaoj.in/share/dm5VSyxmQIdl
User
 glzjin (UID 59815)
Submission01/11/2024 09:19 (2 years ago)
Moderation01/12/2024 12:11 (1 day later)
StatusAccepted
VulDB entry250588 [Taokeyun up to 1.0.5 HTTP POST Request Task.php index cid sql injection]
Points20

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!