Open bkfish opened 2 years ago
The location of the vulnerability is line 33 in taocms\include\Model\Article.php, and the incoming sql statement in the update() method does not use intval to process id,and Link.php extends Article
edit link then edit id as 2)and+sleep(5)--+
2)and+sleep(5)--+
analysis
The location of the vulnerability is line 33 in taocms\include\Model\Article.php, and the incoming sql statement in the update() method does not use intval to process id,and Link.php extends Article
poc
edit link
then edit id as 
2)and+sleep(5)--+