CVE-2018-18432

An issue was discovered in DESTOON B2B 7.0. CSRF exists via the admin.php URI in an action=add request...

Destoon the latest full version through the kill SQL injection vulnerability-vulnerability warning-the black bar safety net

Author:Kavia /common.inc.php 6 4 line: if$POST $POST = stripsql$POST; //stripsqlfilter if$GET $GET = stripsql$GET; if$COOKIE $COOKIE = stripsql$COOKIE; ......... if$POST extract$POST, EXTRSKIP; //register variable if$GET extract$GET, EXTRSKIP; Follow stripsql /include/global.func.php 1 8 6:...