| عنوان | SourceCodester Inventory Management System 1.0 has a SQL injection vulnerability in staff_data.php Software |
|---|
| الوصف | SourceCodester Inventory Management System 1.0 has a SQL injection vulnerability in staff_data.php
Software
Software: Inventory Management System 1.0
Software Link: https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html
Vulnerability Type: SQLi
Attack Type: Remote
Vendor of Product: Sourcecodester
Description
A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. SourceCodester Inventory Management System 1.0 has a SQL injection vulnerability in staff_data.php. The manipulation of the argument columns%5B0%5D%5Bdata%5D leads to SQLi. Remote attackers can leverage this to affect any other users that visit that portion of the application.
https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/Inventory%20Management%20System%20SQLi%20staff_data.md |
|---|
| المصدر | ⚠️ https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/Inventory%20Management%20System%20SQLi%20staff_data.md |
|---|
| المستخدم | error404unknown (UID 53361) |
|---|
| ارسال | 27/08/2023 05:32 AM (3 سنوات منذ) |
|---|
| الاعتدال | 27/08/2023 08:07 AM (3 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 238159 [SourceCodester Inventory Management System 1.0 staff_data.php columns[0][data] حقن SQL] |
|---|
| النقاط | 20 |
|---|