إرسال #343432: SourceCodester Best House Rental Management System 1.0 SQL injection
| عنوان | SourceCodester Best House Rental Management System 1.0 SQL injection |
|---|---|
| الوصف | After receiving the id parameter passed in through the get method in the manage_payment.php file, it is directly spliced into the SQL query statement for execution without any security filtering. An attacker can use this parameter to perform SQL injection to read arbitrary database information. |
| المصدر | ⚠️ https:/ |
| المستخدم | rocker (UID 62454) |
| ارسال | 23/05/2024 04:07 PM (2 سنوات منذ) |
| الاعتدال | 25/05/2024 08:11 AM (2 days later) |
| الحالة | تمت الموافقة |
| إدخال VulDB | 266277 [SourceCodester Best House Rental Management System حتى 1.0 manage_payment.php معرف حقن SQL] |
| النقاط | 18 |