Title | SQL injection vulnerability exists in Hostel searching project |
---|
Description | After the environment is built,Go to view-property.php,We can see the parameter property following the url_ ID is controllable。property_ ID is assigned to $property_ The ID variable is then brought into the database for query, and the query result is returned. During this process, the property_ The ID is brought into the database without being filtered, thus creating a SQL injection vulnerability |
---|
Source | ⚠️ https://github.com/itzmehedi/Hostel-searching-project-using-PHP-Mysql/issues/1 |
---|
User | ace. (ID 34853) |
---|
Submission | 11/17/2022 06:54 (2 years ago) |
---|
Moderation | 11/17/2022 16:07 (9 hours later) |
---|
Status | Accepted |
---|
VulDB Entry | 213844 |
---|