The location of the vulnerability is line 33 in taocms\include\Model\Article.php, and the incoming sql statement in the update() method does not use intval to process id,and Link.php extends Article
poc
edit link
then edit id as 2)and+sleep(5)--+
The text was updated successfully, but these errors were encountered:
analysis
The location of the vulnerability is line 33 in taocms\include\Model\Article.php, and the incoming sql statement in the update() method does not use intval to process id,and Link.php extends Article

poc
edit link



then edit id as
2)and+sleep(5)--+The text was updated successfully, but these errors were encountered: