Submit #333416: Campcodes Online Examination System With Timer 1.0 SQL Injection
Title | Campcodes Online Examination System With Timer 1.0 SQL Injection |
---|---|
Description | A vulnerability was found in Campcodes Online Examination System With Timer, impacting the page addCourseExe.php. The value of user input (course_name parameter) is directly concatenated into an SQL query without undergoing any form of filtering or utilizing prepared statements, causing the application vulnerable to SQL injection attack |
Source | ⚠️ https:/ |
User | yylm (ID 67976) |
Submission | 05/13/2024 16:15 (2 months ago) |
Moderation | 05/15/2024 13:26 (2 days later) |
Status | Accepted |
VulDB Entry | 264454 |