Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Note: the vendor has disputed this issue. Multiple SQL injection vulnerabilities in Land Down Under (LDU) 800 allow remote attackers to execute arbitrary SQL commands via the (1) s or (2) m parameter to forums.php, (3) o, (4) w, (5) s, or (6) p parameter to list.php, (7) m parameter to journal.php, (8) x or (9) n parameter to forums.php, or (10) w parameter to links.php. NOTE: this issue has been disputed by the vendor, who says "None of the tricks written there are working, the variables are properly sanitized and no LDU version is affected.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Land Down Under 多个SQL注入漏洞
Vulnerability Description
** 争议 ** 注:厂商对此问题有争议。Land Down Under (LDU) 800 存在多个SQL注入漏洞。这使得远程攻击者可以借助于传递到forums.php中的参数(1)s或(2)m,传递到list.php中的参数(3)o、(4)w、(5)s或(6)p,传递到joural.php中的参数(7)m,传递到forums.php中的参数(8)x或(9)n,或传递到links.php中的参数(10)w,执行任意SQL命令。注:厂商对此问题有争议,称上述问题并不存在,变量已经过恰当的安全处理,因此所有
CVSS Information
N/A
Vulnerability Type
N/A