| Title | itsourcecode Tailoring Management System 1.0 SQL Injection |
|---|
| Description | A GET SQL injection vulnerability was found in multiple PHP files in the Tailoring Management System Project In PHP with Source Code project. The reason for this issue is that an attacker injects malicious code from the parameter "id" or "expid" or "incid" or "typeid" or "staffid" and uses it directly in SQL queries without proper sanitization or validation. This allows an attacker to forge input values to manipulate SQL queries and perform unauthorized actions.
|
|---|
| Source | ⚠️ https://github.com/magic2353112890/cve/issues/7 |
|---|
| User | lyp123 (UID 80136) |
|---|
| Submission | 01/24/2025 07:10 AM (1 Year ago) |
|---|
| Moderation | 01/31/2025 08:27 PM (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 294298 [itsourcecode Tailoring Management System 1.0 deldoc.php ID sql injection] |
|---|
| Points | 20 |
|---|