Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
TreasureHuntGame TreasureHunt acesso.php sql injection
Vulnerability Description
A vulnerability, which was classified as critical, was found in TreasureHuntGame TreasureHunt up to 963e0e0. Affected is an unknown function of the file TreasureHunt/acesso.php. The manipulation of the argument usuario leads to sql injection. It is possible to launch the attack remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The name of the patch is 8bcc649abc35b7734951be084bb522a532faac4e. It is recommended to apply a patch to fix this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
TreasureHunt 注入漏洞
Vulnerability Description
TreasureHunt是TreasureHuntGame开源的一个用于教授计算机安全的自动问题生成工具和挑战型竞赛。 TreasureHunt 963e0e0版本及之前版本存在注入漏洞,该漏洞源于对参数 usuario 的错误操作会导致 sql 注入。
CVSS Information
N/A
Vulnerability Type
N/A