Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
delpino73 Blue-Smiley-Organizer 1.32 SQL Injection via datetime
Vulnerability Description
delpino73 Blue-Smiley-Organizer 1.32 contains an SQL injection vulnerability in the datetime parameter that allows unauthenticated attackers to manipulate database queries. Attackers can inject SQL code through POST requests to extract sensitive data using boolean-based blind and time-based blind techniques, or write files to the server using INTO OUTFILE statements.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Blue-Smiley-Organizer SQL注入漏洞
Vulnerability Description
Blue-Smiley-Organizer是Oliver Antosch个人开发者的一个日程整理工具 Blue-Smiley-Organizer 1.32版本存在SQL注入漏洞,该漏洞源于datetime参数存在SQL注入,可能导致未经验证的攻击者操纵数据库查询。
CVSS Information
N/A
Vulnerability Type
N/A