6 matches found
CVE-2024-55160
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the OrderBy parameter at /system/operLog/list...
CVE-2024-55160
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the OrderBy parameter at /system/operLog/list...
CVE-2024-55160
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the OrderBy parameter at /system/operLog/list...
GFast 安全漏洞
GFast is a GF Go Frame based backend management system by tiger1103. A security vulnerability exists in GFast v2 to v3.2, which originates from a SQL injection in the OrderBy parameter of /system/operLog/list...
CVE-2024-55160
GFast (Go Frame-based backend, v2–v3.2) contains a SQL injection vulnerability in the OrderBy parameter used by /system/operLog/list. Root cause: improper handling/validation of the OrderBy value allows attackers to inject SQL, enabling unauthorized access or data leakage. CVSS v3.1 metrics indic...
CVE-2024-55160
GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the OrderBy parameter at /system/operLog/list...