Mini SQL对用户提供的数据缺少充分过滤,远程攻击者可以利用这个漏洞对目标服务器进行格式字符串攻击,可能以数据库进程权限在系统上执行任意指令。 远程攻击者可以发送恶意格式串来触发此漏洞,导致破坏进程中的任意敏感信息,造成以数据库进程... -Mini SQL user data provided by the lack of adequate filtering, remote attacker could exploit the vulnerability on the target server format string attack, the database may be on the process of competence in the system to execute arbitrary commands. Remote attacker can send malicious format string to trigger this vulnerability, lead to a breach in the process of any sensitive information, causing the process to the database ...