Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An issue was discovered in the secure portal in Publisure 2.1.2. Because SQL queries are not well sanitized, there are multiple SQL injections in userAccFunctions.php functions. Using this, an attacker can access passwords and/or grant access to the user account "user" in order to become "Administrator" (for example).
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Publisure SQL注入漏洞
Vulnerability Description
Publisure是一套用于出站通信的集成多通道通信平台。该平台包括内部/外部混合邮件、SMS和电子邮件等功能。 Publisure 2.1.2版本中的userAccFunctions.php功能存在SQL注入漏洞。该漏洞源于基于数据库的应用缺少对外部输入SQL语句的验证。攻击者可利用该漏洞执行非法SQL命令。
CVSS Information
N/A
Vulnerability Type
N/A