| Title | MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 SQL Injection |
|---|
| Description | The Online College Event Hall Reservation System demonstrates a SQL Injection vulnerability within its `/admin/users.php` component, specifically through the `user_id` parameter. This flaw allows attackers to execute arbitrary SQL commands, such as delaying the server response using the `sleep(5)` function. This vulnerability underlines the importance of employing parameterized queries or proper input validation techniques to protect the application from SQL Injection attacks, thereby safeguarding the database from unauthorized access or manipulation. |
|---|
| Source | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20users.php.md |
|---|
| User | nochizplz (ID 64302) |
|---|
| Submission | 03/08/2024 12:18 (2 months ago) |
|---|
| Moderation | 03/15/2024 17:29 (7 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 256971 |
|---|