Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL injection vulnerability in login.php in Ryan Haudenschilt Battle.net Clan Script for PHP 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) pass parameter.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Battle.net clan login.php脚本远程SQL注入漏洞
Vulnerability Description
Battle.net clan管理系统使用MySQL后端,允许用户方便的升级和维护web站点。 Battle.net clan系统实现上存在输入验证漏洞,远程攻击者可能利用此漏洞执行SQL注入攻击,非授权获取系统的管理权限。 Battle.net clan的login.php脚本没有正确地验证通过index.php对user参数的输入: line 9 --> $user = $_POST["user"]; line 10--> $pass = $_POST["pass"]; ..... ..... ...
CVSS Information
N/A
Vulnerability Type
N/A