PHPSHE 1.7 - SQL Injection

Short Info

Level

Critical

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

11 days 9 hours

Scan only one

Domain, Subdomain, IPv4

Toolbox

A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnerability does not need any authentication.

References:

https://gitee.com/koyshe/phpshe/issues/ITC0C
https://nvd.nist.gov/vuln/detail/CVE-2019-9762

Get started to protecting your digital assets

Start trial See the plans

PHPSHE 1.7 - SQL Injection

Short Info

Detail

Category