Submit #312807: SourceCodester Kortex Lite Advocate Office Management System v1.0 SQL injection

Title: SourceCodester Kortex Lite Advocate Office Management System v1.0 SQL injection
Description: Source Code: https://www.sourcecodester.com/php/17280/advocate-office-management-system-free-download.html
The application is vulnerable to SQL injection due to improper handling of user input in the id parameter. By directly incorporating user-supplied values into SQL queries without proper validation or the use of prepared statements, attackers can manipulate the id parameter to execute arbitrary SQL commands. This allows for potential data manipulation, data exfiltration, or unauthorized access to sensitive information.
Source: https://github.com/zyairelai/CVE-submissions/blob/main/kortex-activate_case-sqli.md
User: zyairelai (UID 67401)
Submission: 04/09/2024 07:25 AM (8 months ago)
Moderation: 04/10/2024 07:57 PM (2 days later)
Status: Accepted
VulDB Entry: 260274 [SourceCodester Kortex Lite Advocate Office Management System 1.0 activate_case.php id sql injection]
Points: 20
