Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple "potential" SQL injection vulnerabilities in Utopia News Pro (UNP) 1.1.4 might allow remote attackers to execute arbitrary SQL commands via (1) the newsid parameter in editnews.php, (2) the catid and question parameters in faq.php, (3) the poster parameter in postnews.php, (4) the tempid parameter in templates.php, and (5) the userid and groupid parameters in users.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Utopia News Pro (UNP) "潜在"SQL注入漏洞
Vulnerability Description
Utopia News Pro (UNP) 1.1.4中存在多个"潜在"SQL注入漏洞,远程攻击者可通过(1) editnews.php中的newsid参数,(2) faq.php中的catid和question参数,(3)postnews.php中的poster参数(4)templates.php中的tempid参数和(5) users.php中的userid和groupid参数执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A