#1518 Lại Unauthenticated SQLi trong module shop với khả năng RCE

URL / Location of vulnerability

http://nukeviethost/index.php?language=vi&nv=shops&op=search_result

Description

Xin đọc báo cáo để biết về chi tiết lỗi

Bug_Disclosure_Search.pdf

Steps to reproduce

N/A

Impact

N/A

Recommendation

N/A

Attachments

Program

NukeViet

Target

https://github.com/nukeviet/

Visibility

Public - Full

Status

Accepted - Resolved

Vulnerability

Server-Side Injection > SQL Injection

Severity

CRITICAL

Reference

#1518

Submitted at

16/12/2019 09:40:57

Submitted by

Point

4

Votes

3