ch.codeengn.com에서 sql injection, reflected xss

Writer 점심이당 Program CodeEngn 대표 홈페이지

WEB Duplicated High No Reward Created: Jun 15, 2021 (4 years ago) Last Updated: Jul 17, 2022 (2 years ago)

Weakness

SQL Injection, Reflected XSS

Attachment

poc.py

Timeline

점심이당 submitted ticket. June 15, 2021 (4 years ago)
CodeEngn MANAGER posted a comment. June 21, 2021 (4 years ago)
CodeEngn MANAGER changed the status from 'Submitted' to 'In Progress'. June 21, 2021 (4 years ago)
CodeEngn MANAGER changed the severity from 'Critical' to 'High'. June 21, 2021 (4 years ago)
CodeEngn MANAGER changed the disclosure from 'Closed' to 'Disclosed (Limited)'. June 21, 2021 (4 years ago)
CodeEngn MANAGER changed the status from 'In Progress' to 'Duplicated'. June 21, 2021 (4 years ago)