| Field | Value |
|---|---|
| Title | Shenzhen Ruiming Technology Co., Ltd. Crocus System 1.3.44 SQL Injection |
| Description | A critical SQL injection vulnerability was discovered in the `RemoteFormat.do` component of Crocus. The endpoint fails to properly sanitize the `State` parameter in POST requests. By sending the crafted request header `Cookie: a=""`, an attacker can bypass the internal authentication check and reach the vulnerable SQL execution logic. Because the parameter is not validated, a remote unauthenticated attacker can perform time-based blind SQL injection to extract sensitive database information (for example the database name `saffron`) or achieve full database compromise. |
| Source | https://my.feishu.cn/docx/QZU6dXZBBoBeLMx4K28cW1BEnsZ?from=from_copylink |
| User | 0menc (UID 75423) |
| Submission | 03/11/2026 08:58 (20 days ago) |
| Moderation | 03/26/2026 17:29 (15 days later) |
| Status | Accepted |
| VulDB entry | 353661 [Shenzhen Ruiming Technology Streamax Crocus up to 1.3.44 Endpoint /RemoteFormat.do State sql injection] |
| Points | 20 |
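The request pattern described in the entry above (a POST to `/RemoteFormat.do`, a time-based SQL payload in the `State` form field, and the `Cookie: a=""` bypass header) is concrete enough to write a detection rule for. The following is an added example by the editor, not part of the VulDB entry and not the vendor's code: a helper that scans parsed proxy or WAF request records for that combination. The record shape (`method`, `path`, `headers`, `body`), the sample records, and the delay primitives it looks for (`SLEEP`, `pg_sleep`, `WAITFOR DELAY`, `BENCHMARK`, `DBMS_LOCK.SLEEP`) are assumptions; the advisory does not name the database engine, so all common ones are checked.

```python
"""Detection helper for the Crocus /RemoteFormat.do 'State' SQL injection.

Added example (not from the advisory or the vendor). Flags request records
that match the pattern the advisory describes: POST to /RemoteFormat.do,
a time-based SQL payload in the State form field, and optionally the
Cookie: a="" authentication-bypass header. The record format, sample
traffic and payload strings below are constructed for illustration.
"""
import re
from urllib.parse import parse_qs

# Delay primitives used for time-based blind SQL injection on common engines.
# The advisory does not identify the backend, so every family is checked.
TIME_BASED_RE = re.compile(
    r"(sleep\s*\(|pg_sleep\s*\(|waitfor\s+delay|benchmark\s*\(|dbms_(?:lock|session)\.sleep)",
    re.IGNORECASE,
)
# Generic injection metacharacters, used as a weaker second signal.
SQL_META_RE = re.compile(r"['\"]\s*(or|and)\s+|--|/\*|;\s*$", re.IGNORECASE)
# The literal bypass cookie named in the advisory, as a standalone cookie pair.
BYPASS_COOKIE_RE = re.compile(r'(^|;\s*)a=""(\s*;|$)')

TARGET_PATH = "/RemoteFormat.do"
TARGET_PARAM = "State"


def analyze_request(record):
    """Return a list of finding strings for one parsed request record.

    `record` is a dict with keys method, path, headers (dict) and body (str,
    application/x-www-form-urlencoded). An empty list means nothing matched.
    """
    findings = []
    if record.get("method", "").upper() != "POST":
        return findings
    if record.get("path", "").split("?", 1)[0] != TARGET_PATH:
        return findings

    headers = {k.lower(): v for k, v in record.get("headers", {}).items()}
    if BYPASS_COOKIE_RE.search(headers.get("cookie", "")):
        findings.append('auth-bypass cookie a="" present')

    # parse_qs decodes percent-encoding and '+' so the regexes see plain SQL.
    fields = parse_qs(record.get("body", ""), keep_blank_values=True)
    for value in fields.get(TARGET_PARAM, []):
        if TIME_BASED_RE.search(value):
            findings.append(f"time-based SQL payload in {TARGET_PARAM}: {value!r}")
        elif SQL_META_RE.search(value):
            findings.append(f"SQL metacharacters in {TARGET_PARAM}: {value!r}")
    return findings


def scan(records):
    """Return {record_index: findings} for every record with a finding."""
    results = {}
    for i, record in enumerate(records):
        findings = analyze_request(record)
        if findings:
            results[i] = findings
    return results


# Constructed sample records; not real traffic.
SAMPLE_RECORDS = [
    {   # benign request to the endpoint
        "method": "POST", "path": "/RemoteFormat.do",
        "headers": {"Cookie": "JSESSIONID=abc123"},
        "body": "State=1&Device=42",
    },
    {   # bypass cookie plus a time-based payload in State
        "method": "POST", "path": "/RemoteFormat.do",
        "headers": {"Cookie": 'a=""'},
        "body": "State=1'+AND+SLEEP(5)--+&Device=42",
    },
    {   # same payload, but a different endpoint: out of scope for this rule
        "method": "POST", "path": "/Login.do",
        "headers": {},
        "body": "State=1'+AND+SLEEP(5)--",
    },
]

if __name__ == "__main__":
    for idx, findings in scan(SAMPLE_RECORDS).items():
        print(idx, findings)
```

The rule is deliberately narrow (one path, one parameter) so it can run with low noise as a first alert; a broader SQL injection signature belongs in the WAF, and the path/parameter names here should be treated as tuning knobs rather than the only place this pattern could appear.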