| عنوان | SQL Database Error could lead to SQL Injection in minical v1.0.0 |
|---|
| الوصف | # VULNERABILITY-TYPE : Unchecked Error Condition
# VENDOR OF THE PRODUCT : minical
# AFFECTED PRODUCT : minical/minical
# VERSION: v1.0.0
# ATTACK TYPE : REMOTE
# IMPACT: CODE EXECUTION
# AFFECTED COMPONENTS: SOURCE-CODE(show_bookings)
# ATTACK VECTOR: show_bookings(search_query)
# DESCRIPTION: Minical ,an open-source PMS v1.0.0 suffers from Unchecked Error Condition via search_query
# Vendor Homepage: https://github.com/minical/minical
# Software Link:https://github.com/minical/minical/archive/refs/tags/v1.0.0.zip
# REFERENCE:
1.) https://cwe.mitre.org/data/definitions/391.html
# PROOF_OF_CONCEPT
GITHUB_LINK: https://github.com/ctflearner/Vulnerability/blob/main/MINICAL/minical.md
|
|---|
| المصدر | ⚠️ https://github.com/minical/minical |
|---|
| المستخدم | Affan (UID 39417) |
|---|
| ارسال | 09/06/2023 05:30 PM (3 سنوات منذ) |
|---|
| الاعتدال | 18/06/2023 09:06 AM (9 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 231803 [miniCal 1.0.0 /booking/show_bookings/ search_query حقن SQL] |
|---|
| النقاط | 20 |
|---|