Submit #52458: SQL injection vulnerability exists in Hostel searching projectinfo

TitleSQL injection vulnerability exists in Hostel searching project
DescriptionAfter the environment is built,Go to view-property.php,We can see the parameter property following the url_ ID is controllable。property_ ID is assigned to $property_ The ID variable is then brought into the database for query, and the query result is returned. During this process, the property_ The ID is brought into the database without being filtered, thus creating a SQL injection vulnerability
Source⚠️ https://github.com/itzmehedi/Hostel-searching-project-using-PHP-Mysql/issues/1
Userace. (ID 34853)
Submission11/17/2022 06:54 AM (2 years ago)
Moderation11/17/2022 04:07 PM (9 hours later)
StatusAccepted
VulDB Entry213844

Do you want to use VulDB in your project?

Use the official API to access entries easily!