Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in socialMPN allow remote attackers to execute arbitrary SQL commands via (1) the sid parameter to article.php, (2) uname parameter to user.php, (3) siteid parameter to viewforum.php, (4) username parameter to newtopic.php, the (5) secid or (6) artid parameter to sections.php, (7) siteid parameter to index.php, or (8) sid parameter to friend.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
SocialMPN 多个SQL注入漏洞
Vulnerability Description
SocialMPN中存在多个SQL注入漏洞,远程攻击者可借助:(1)提交到article.php脚本的sid参数,(2)到user.php脚本的uname参数,(3)到viewforum.php脚本的siteid参数,(4)到newtopic.php脚本的username 参数,(5)到sections.php脚本的secid参数,或(6)artid参数,(7)到index.php脚本的siteid参数,或(8)到friend.php脚本的sid参数,来执行任意SQL指令。
CVSS Information
N/A
Vulnerability Type
N/A