| 标题 | Das Parking Management System 6.2.0 SQL Injection |
|---|
| 描述 | A SQL INJECTION vulnerability exists in the " 停车场管理系统 ".The system's API 'vehicle/search ' is vulnerable to unauthorized access ,allowing unauthenticated users to exploit certain interfaces and retrieve sensitive user data posing a critical security risk. The manipulation of the argument 'vehicleTypeCode' leads to sql injection. |
|---|
| 来源 | ⚠️ https://github.com/K-mxredo/MXdocument/blob/K-mxredo-blob/%E5%81%9C%E8%BD%A6%E5%9C%BA%E7%B3%BB%E7%BB%9Fvehicle-search.md |
|---|
| 用户 | SecHZredo (UID 81966) |
|---|
| 提交 | 2025-06-06 06時38分 (1 年前) |
|---|
| 管理 | 2025-06-15 12時12分 (9 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 312587 [Das Parking Management System 停车场管理系统 6.2.0 API /vehicle/search vehicleTypeCode SQL注入] |
|---|
| 积分 | 18 |
|---|