漏洞描述
【漏洞对象】weiphp开源微信公众号平台 【漏洞描述】weiphp开源微信公众号平台开发框架的低版本存在前台sql注入,可造成信息数据泄露,攻击者可利用该漏洞执行SQL指令,甚至入侵服务器。
weiphp开源微信公众号平台开发框架前台-SQL注入
PoC代码
暂无相关漏洞推荐
- POC CVE-2020-26935: phpMyAdmin < 5.0.3 - SQL Injection
- POC php-prober-exposure: PHP Prober - Exposure
- POC cakephp-debugkit-exposure: CakePHP - Debug Kit Toolbar Exposure
- POC CVE-2025-69200: phpMyFAQ - Configuration Backup Disclosure
- POC CVE-2017-11107: phpLDAPadmin <= 1.2.3 - Reflected XSS
- POC CVE-2019-9082: ThinkPHP < 3.2.4 - Remote Code Execution
- POC phpmyadmin-fpd: phpMyAdmin - Full Path Disclosure
- phpMyFAQ /api/setup/backup 信息泄露漏洞(CVE-2025-69200)
- PHP 安全漏洞
- POC CVE-2019-10647: ZZZCMS ZZZPHP 1.6.3 – Remote PHP Code Execution (RCE)
- POC CVE-2023-38875: PHP Login System 2.0.1 - Cross-Site Scripting
- POC functions-php-disclosure: functions.php Full Path Disclosure
- POC CVE-2025-44136: MapTiler Tileserver-php v2.0 - Unauthenticated XSS