| Title | SourceCodester Online Mobile Management Store 1.0 SQL Injection |
|---|---|
| Description | The code in '/admin/orders/view_order.php' directly uses the $_GET['id'] parameter in the SQL query without proper sanitization or validation. An attacker could manipulate the id parameter in the URL to inject malicious SQL code, potentially leading to unauthorized access or data manipulation. |
| Source | https://github.com/vanitashtml/CVE-Dumps/blob/main/SQL%20Injection%20in%20View%20Order%20-%20Mobile%20Management%20Store.md |
| User | rjavenido22 (UID 64261) |
| Submission | 03/03/2024 05:32 AM (2 years ago) |
| Moderation | 03/03/2024 05:01 PM (11 hours later) |
| Status | Accepted |
| VulDB Entry | 255585 [SourceCodester Online Mobile Management Store 1.0 view_order.php id SQL injection] |
| Points | 18 |