taoCMS is an incredible tiny CMS( Content Management System) , writen in PHP and support MySQL/Sqlite as the database(MIT License)
60
stars
21
forks
source link
There is SQL blind injection at "Article search"(Column administrator authority) #5
Closed
ddddbhm closed 3 years ago
First, we enter the background and use the column administrator admin1 we created:
We click in order and grab packets:
There is a SQL blind injection vulnerability in the location of name:
POC:/admin/admin.php?name=s%"+and+"sca%"="&cat=0&status=&action=cms&ctrl=lists&submit=%E6%9F%A5%E8%AF%A2