Key Information

CVE ID: CVE-2023-5258
Vulnerability Type: SQL Injection
Affected Software: OpenRapid RapidCMS 1.3.1
Affected File: /resource/addgood.php
Severity: Critical

Vulnerability Details

Summary:
- An SQL injection vulnerability exists in OpenRapid RapidCMS 1.3.1 due to improper handling of the argument in .
- The vulnerability is classified as CWE-89.

Impact:
- The vulnerability affects confidentiality, integrity, and availability.

Disclosure Date: 09/29/2023

Exploit:
- A proof-of-concept exploit is available on GitHub.
- The attack technique is identified as T1505 in MITRE ATT&CK.

Detection:
- Vulnerable targets can be identified using Google Hacking with the search query: .

Mitigation:
- No known countermeasures. It is suggested to replace the affected product with an alternative.