إرسال #333416: Campcodes Online Examination System With Timer 1.0 SQL Injectionالمعلومات

عنوانCampcodes Online Examination System With Timer 1.0 SQL Injection
الوصفA vulnerability was found in Campcodes Online Examination System With Timer, impacting the page addCourseExe.php. The value of user input (course_name parameter) is directly concatenated into an SQL query without undergoing any form of filtering or utilizing prepared statements, causing the application vulnerable to SQL injection attack
المصدر⚠️ https://github.com/yylmm/CVE/blob/main/Online%20Examination%20System%20With%20Timer/SQL_addCourseExe.md
المستخدم
 yylm (UID 67976)
ارسال13/05/2024 04:15 PM (2 سنوات منذ)
الاعتدال15/05/2024 01:26 PM (2 days later)
الحالةتمت الموافقة
إدخال VulDB264454 [Campcodes Online Examination System 1.0 addCourseExe.php course_name حقن SQL]
النقاط19

التالي نظرة عامة السابق

Do you want to use VulDB in your project?

Use the official API to access entries easily!