漏洞标题
"itsourcecode在线图书商店的admin_delete.php SQL注入"
漏洞描述信息
在在线书店1.0的源代码中发现了一个漏洞,已被评为关键级别。此问题影响了文件admin_delete.php的一些未知处理过程。通过操作参数bookisbn,会导致SQL注入。攻击可以在远程发起。漏洞已被公开披露并可能被利用。此漏洞的标识符为VDB-268721。
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
漏洞标题
itsourcecode Online Book Store admin_delete.php sql injection
漏洞描述信息
A vulnerability was found in itsourcecode Online Book Store 1.0. It has been rated as critical. This issue affects some unknown processing of the file admin_delete.php. The manipulation of the argument bookisbn leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-268721 was assigned to this vulnerability.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
漏洞类别
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
漏洞标题
Online Book Store SQL注入漏洞
漏洞描述信息
Online Book Store是Arvin Arandilla个人开发者的一个网上书店。 itsourcecode Online Book Store 1.0版本存在SQL注入漏洞,该漏洞源于admin_delete.php 包含未知处理,通过参数 bookisbn 导致SQL注入。
CVSS信息
N/A
漏洞类别
SQL注入