| tiêu đề | Background injection exists in lmxcms |
|---|
| Mô tả | Vulnerability name: SQL injection vulnerability
Bug description: in the application at http://127.0.0.1/lmxcms141/admin.php? An SQL injection vulnerability is present in m=Acquisi&a=caijiDataList&lid=. An attacker could exploit this vulnerability to perform malicious SQL queries, bypass authentication, access sensitive data, or perform malicious operations on a database.
Affected version: Full version
We can install the latest version of lmxcms, and then according to the above to repeat, log in the background and then input payload can be directly repeated, the use of difficulty is not high, it is recommended to use sqlmap to do so |
|---|
| Nguồn | ⚠️ http://www.lmxcms.com/ |
|---|
| Người dùng | yuanshen (UID 53971) |
|---|
| Đệ trình | 06/09/2023 10:08 (cách đây 3 những năm) |
|---|
| Kiểm duyệt | 16/09/2023 08:47 (10 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 239858 [lmxcms đến 1.41 admin.php lid Tiêm SQL] |
|---|
| điểm | 17 |
|---|