Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
AMSS++ v 4.31 - 'id' SQL Injection
Vulnerability Description
AMSS++ version 4.31 contains a SQL injection vulnerability in the mail module's maildetail.php script through the 'id' parameter. Attackers can manipulate the 'id' parameter in /modules/mail/main/maildetail.php to inject malicious SQL queries and potentially access or modify database contents.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
AMSS++ SQL注入漏洞
Vulnerability Description
AMSS++是Amssplus的一个办公管理支持系统的工具。 AMSS++ 4.31版本存在SQL注入漏洞,该漏洞源于modules/mail/main/maildetail.php脚本中id参数存在SQL注入,可能导致攻击者访问或修改数据库内容。
CVSS Information
N/A
Vulnerability Type
N/A