4 matches found
Upgraded Q -> M from #4 [1671756144822]
Judge has assessed an item in Issue 4 as M risk. The relevant finding follows: GroupBuy: Insertion timestamp ignored The documentation states that "If the users have the same quantity as well, the bid that was placed later will have Raes removed.". However, with the current implementation, this i...
TinyRise 最新版注射获取敏感信息
简要描述: TinyRise 最新版注射获取敏感信息 详细说明: 主要问题出在filterclass.php: public static function text$str $config = HTMLPurifierConfig::createDefault; $cachedir=Tiny::getPath'cache'."/htmlpurifier/"; if!fileexists$cachedir File::mkdir$cachedir; $config = HTMLPurifierConfig::createDefault; //配置 缓存目录...
Ecmall several SQL injection vulnerability-vulnerability warning-the black bar safety net
Search, find/app/sellergroupbuy. app. php there are 6 injection: Are the files under the drop,start,finished,desc,cancel,logfunction in the id parameter To finished , for example: function finished $id = empty$GET'id' ? 0 : $GET'id';//id parameter is not filtered if !$ id...
The top-dimensional group buy navigation sql injection vulnerability analysis-vulnerability warning-the black bar safety net
Just opened, it is found that their number is blacklisted, the speed of the back posts, the tension?, the speed got a system to look at, okay, I admit I just looked under the array is not filtered directly submitted to the query statement, the vulnerability to ask in the userModule. class. php fi...