PHPSHE 1.7 - SQL Injection

Short Info

Level

Critical

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

10 days 17 hours

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

A SQL Injection was discovered in PHPSHE 1.7 in include/plugin/payment/alipay/pay.php with the parameter id. The vulnerability does not need any authentication.

References:

https://gitee.com/koyshe/phpshe/issues/ITC0C
https://nvd.nist.gov/vuln/detail/CVE-2019-9762

Get started to protecting your digital assets

Start trial See the plans

PHPSHE 1.7 - SQL Injection

Short Info

-

Detail

Category