Title | Campcodes Online Examination System With Timer 1.0 SQL Injection |
---|
Description | A vulnerability was found in Campcodes Online Examination System With Timer, impacting the page addExamExe.php. The value of user input (examTitle parameter) is directly concatenated into an SQL query without undergoing any form of filtering or utilizing prepared statements, causing the application vulnerable to SQL injection attack |
---|
Source | ⚠️ https://github.com/yylmm/CVE/blob/main/Online%20Examination%20System%20With%20Timer/SQL_addExamExe.md |
---|
User | yylm (ID 67976) |
---|
Submission | 05/13/2024 16:04 (2 months ago) |
---|
Moderation | 05/15/2024 13:23 (2 days later) |
---|
Status | Accepted |
---|
VulDB Entry | 264447 |
---|