| عنوان | code-projects Pharmacy Management System 1.0 SQL Injection |
|---|
| الوصف | A critical SQL injection vulnerability was identified in the Pharmacy Management System version 1.0, specifically in the Manage Supplier search functionality. This flaw occurs through the text parameter sent via a GET request to the endpoint /php/manage_supplier.php?action=search&text=a. Attackers can manipulate this parameter to execute arbitrary SQL commands, compromising the database's security and integrity. |
|---|
| المصدر | ⚠️ https://gist.github.com/higordiego/2bd0a94e480906a60ce83b8a4ec26957 |
|---|
| المستخدم | c4ttr4ck (UID 75518) |
|---|
| ارسال | 15/10/2024 11:27 PM (2 سنوات منذ) |
|---|
| الاعتدال | 16/10/2024 08:05 AM (9 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 280557 [code-projects Pharmacy Management System 1.0 manage_supplier.php?action=search text حقن SQL] |
|---|
| النقاط | 20 |
|---|