漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
漏洞
N/A
漏洞信息
Multiple SQL injection vulnerabilities in aliTalk 1.9.1.1, when magic_quotes_gpc is disabled, allow remote authenticated users to execute arbitrary SQL commands via (1) the mohit parameter to (a) inc/receivertwo.php; and allow remote attackers to execute arbitrary SQL commands via (2) the id parameter to (b) inc/usercp.php, related to functionz/usercp.php; or (3) the username parameter to (c) admin/index.php, related to functionz/first_process.php, or (d) index.php. NOTE: some of these details are obtained from third party information.
漏洞信息
N/A
漏洞
N/A
漏洞
aliTalk 'inc/receivertwo.php、inc/usercp.php和admin/index.php'SQL注入漏洞
漏洞信息
aliTalk 1.9.1.1中存在多个SQL注入漏洞,当magic_quotes_gpc不可用时,允许远程验证用户通过以下方式执行任意SQL命令. (1) 通过inc/receivertwo.php的 mohit 参数 (2) 通过inc/usercp.php的id 参数 ,类似functionz/usercp.php;或者(3)admin/index.php的username参数,类似functionz/first_process.php或index.php. 注意: 某些细节来自其他第三方。
漏洞信息
N/A
漏洞
N/A