Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Itech Auction Script mcategory.php Blind sql injection
Vulnerability Description
A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This affects an unknown part of the file /mcategory.php. The manipulation of the argument mcid with the input 4' AND 1734=1734 AND 'Ggks'='Ggks leads to sql injection (Blind). It is possible to initiate the attack remotely.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Ambit Technologies iTech Auction Script SQL注入漏洞
Vulnerability Description
Ambit Technologies iTech Auction Script是印度Ambit Technologies公司的一种流行且具有成本效益的解决方案,用于启动您的拍卖网站。 Ambit Technologies iTech Auction Script 6.49版本存在SQL注入漏洞,该漏洞源于存在不安全的文件mcategory.php,攻击者利用该漏洞可以远程发起攻击。
CVSS Information
N/A
Vulnerability Type
N/A