Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the "page" parameter. NOTE: The product is discontinued.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Advanced Comment SQL注入漏洞
Vulnerability Description
Advanced Comment System是一套用户评论系统。 Advanced Comment System 1.0版本中的internal/advanced_comment_system/admin.php页面存在SQL注入漏洞,该漏洞源于程序在构造SQL查询语句之前没有充分过滤用户提交的数据。远程攻击者可借助‘page’参数中的URL利用该漏洞执行SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A