Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Affected software: CuppaCMS
Type of vulnerability: SQL injection
Discovered by: darkrerror
SQL Injection in administrator/classes/ajax/functions.php with parameter reference_id
function updateUserTableLog(){ if(!@$_POST["reference_id"]) echo "1"; $cuppa = Cuppa::getInstance(); $data = new stdClass(); $data->user_id_updating = "'".$cuppa->user->getVar("id")."'"; $data->date_updating = "'".date('Y-m-d H:i:s')."'"; $data->table_name = "'".$_POST["table_name"]."'"; $data->reference_id = "'".$_POST["reference_id"]."'"; $result = $cuppa->dataBase->add($cuppa->configuration->table_prefix."tables_log", $data); echo $result;
POST request screenshot:
sqlmap tool screenshot
The text was updated successfully, but these errors were encountered:
This issue was fixed in the last commit...
Sorry, something went wrong.
thanks
这个问题被关闭了,能打开吗
tufik2
No branches or pull requests
Affected software: CuppaCMS
Type of vulnerability: SQL injection
Discovered by: darkrerror
SQL Injection in administrator/classes/ajax/functions.php with parameter reference_id
function updateUserTableLog(){
if(!@$_POST["reference_id"]) echo "1";
$cuppa = Cuppa::getInstance();
$data = new stdClass();
$data->user_id_updating = "'".$cuppa->user->getVar("id")."'";
$data->date_updating = "'".date('Y-m-d H:i:s')."'";
$data->table_name = "'".$_POST["table_name"]."'";
$data->reference_id = "'".$_POST["reference_id"]."'";
$result = $cuppa->dataBase->add($cuppa->configuration->table_prefix."tables_log", $data);
echo $result;
POST request screenshot:

sqlmap tool screenshot

The text was updated successfully, but these errors were encountered: