security bug

Question

se-life opened this issue a year ago · comments

aihq · Answer 1 · Tue Jul 25 2023 11:21:23 GMT+0800 (China Standard Time)

All non-existent uri can be implemented and there is huge injecting risk

qkqpttgf · Answer 2 · Wed Aug 09 2023 09:38:37 GMT+0800 (China Standard Time)

All non-existent uri can be implemented and there is huge injecting risk

we will not know the file is exist or not before run it.
the project have no database, can u show me a way of inject.