A vulnerability was found in Taokeyun up to 1.0.5. It has been classified as critical. Affected is the function
login
of the file application/index/controller/m/User.php of the component HTTP POST Request Handler. The manipulation of the argument username leads to sql injection.
This vulnerability is traded as CVE-2024-0479. It is possible to launch the attack remotely. Furthermore, there is an exploit available.