漏洞描述
Atom CMS中存在SQL注入漏洞,此漏洞是由于未充分验证用户输入avatar.php的数据所导致的。
Atom CMS avatar.php SQL注入漏洞
PoC代码
暂无相关漏洞推荐
- Grafana /avatar 服务器端请求伪造漏洞(CVE-2020-13379)
- POC CVE-2018-9205: Drupal avatar_uploader v7.x-1.0-beta8 - Local File Inclusion
- POC CVE-2022-24223: Atom CMS v2.0 - SQL Injection
- POC CVE-2022-25487: Atom CMS v2.0 - Remote Code Execution
- POC CVE-2022-25488: Atom CMS v2.0 - SQL Injection
- POC CVE-2022-25489: Atom CMS v2.0 - Cross-Site Scripting
- POC CVE-2022-28032: Atom CMS v2.0 - SQL Injection
- POC CVE-2022-28033: Atom.CMS 2.0 - SQL Injection
- POC gravatar-secure-csp-bypass: Content-Security-Policy Bypass - Gravatar Secure
- POC tianwen-erp-areaavatardownload-fileread: 天问物业ERP系统AreaAvatarDownLoad.aspx任意文件读取漏洞
- POC drupal-avatar-xss: Drupal Avatar Uploader - Cross-Site Scripting
- WordPress plugin GravatarLocalCache 跨站请求伪造漏洞
- 来客PHP在线客服系统 /admin/users/upavatar.html 任意文件上传漏洞