Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in doITLive CMS 2.50 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) ID parameter in an USUB action to default.asp and the (2) Licence[SpecialLicenseNumber] (aka LicenceId) cookie to edit/default.asp.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
doITlive CMS 多个SQL注入漏洞
Vulnerability Description
doITLive CMS 2.50及其早期版本存在多个SQL注入漏洞,远程攻击者通过(1) ID parameter in 对edit/showmedia.asp的一个USUB操作中的ID参数,和(2)对edit/default.asp的Licence[SpecialLicenseNumber] (又称 LicenceId) 来执行任意SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A