إرسال #166837: SQL Database Error could lead to SQL Injection in minical v1.0.0المعلومات

عنوانSQL Database Error could lead to SQL Injection in minical v1.0.0
الوصف# VULNERABILITY-TYPE : Unchecked Error Condition # VENDOR OF THE PRODUCT : minical # AFFECTED PRODUCT : minical/minical # VERSION: v1.0.0 # ATTACK TYPE : REMOTE # IMPACT: CODE EXECUTION # AFFECTED COMPONENTS: SOURCE-CODE(show_bookings) # ATTACK VECTOR: show_bookings(search_query) # DESCRIPTION: Minical ,an open-source PMS v1.0.0 suffers from Unchecked Error Condition via search_query # Vendor Homepage: https://github.com/minical/minical # Software Link:https://github.com/minical/minical/archive/refs/tags/v1.0.0.zip # REFERENCE: 1.) https://cwe.mitre.org/data/definitions/391.html # PROOF_OF_CONCEPT GITHUB_LINK: https://github.com/ctflearner/Vulnerability/blob/main/MINICAL/minical.md
المصدر⚠️ https://github.com/minical/minical
المستخدم
 Affan (UID 39417)
ارسال09/06/2023 05:30 PM (3 سنوات منذ)
الاعتدال18/06/2023 09:06 AM (9 days later)
الحالةتمت الموافقة
إدخال VulDB231803 [miniCal 1.0.0 /booking/show_bookings/ search_query حقن SQL]
النقاط20

Do you need the next level of professionalism?

Upgrade your account now!