إرسال #388772: SourceCodester Sourcecodester Car Driving School Management System 1.0 SQL injectionالمعلومات

عنوانSourceCodester Sourcecodester Car Driving School Management System 1.0 SQL injection
الوصفAfter receiving the id parameter passed in through the get method in the Master.php file, it is directly spliced into the SQL query statement for execution without any security filtering. An attacker can use this parameter to perform SQL injection to read arbitrary database information.
المصدر⚠️ https://github.com/BFS-Lab/BFSDV/blob/main/Sourcecodester%20Online%20Catering%20Reservation%20System%20SQL%20Injection-6.md
المستخدم
 BFS-Lab (UID 73306)
ارسال10/08/2024 06:26 AM (2 سنوات منذ)
الاعتدال10/08/2024 10:19 AM (4 hours later)
الحالةتمت الموافقة
إدخال VulDB274126 [SourceCodester Car Driving School Management System 1.0 Master.php delete_package معرف حقن SQL]
النقاط17

التالي نظرة عامة السابق

Interested in the pricing of exploits?

See the underground prices here!