Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
狮子鱼CMS ApiController.class.php goods_detail sql injection
Vulnerability Description
A vulnerability has been found in 狮子鱼CMS and classified as critical. Affected by this vulnerability is the function goods_detail of the file ApiController.class.php. The manipulation of the argument goods_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-222223.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
shiziyu SQL注入漏洞
Vulnerability Description
shiziyu(狮子鱼CMS)是狮子鱼CMS(shiziyu)公司的一个社区团购网站。 shiziyu CMS存在SQL注入漏洞,该漏洞源于文件ApiController.class.php 的函数goods_detail存在安全问题,通过参数 goods_id 会导致 sql 注入。
CVSS Information
N/A
Vulnerability Type
N/A