CVE-2024-0480

Name of the Vulnerable Software and Affected Versions Taokeyun versions up to 1.0.5

Description A critical issue has been found in the HTTP POST Request Handler component, specifically in the function index of the file application/index/controller/m/Drs.php. The manipulation of the cid argument leads to SQL injection. This issue can be exploited remotely.

Recommendations For Taokeyun versions up to 1.0.5, as a temporary workaround, consider restricting access to the index function in the Drs.php file to minimize the risk of exploitation. Avoid using the cid argument in the affected HTTP POST Request Handler until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.