12Oca
CVE-2024-0479 | Taokeyun up to 1.0.5 HTTP POST Request User.php login username sql injection
A vulnerability was found in Taokeyun up to 1.0.5. It has been classified as critical. Affected is the functionlogin of the file application/index/controller/m/User.php of the component HTTP POST Request Handler. The manipulation of the argument username leads to sql injection.
This vulnerability is traded as CVE-2024-0479. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
