إرسال #471038: Codezips Blood Bank Management System In PHP With Source Code V1.0 SQL Injectionالمعلومات

عنوانCodezips Blood Bank Management System In PHP With Source Code V1.0 SQL Injection
الوصفRoot Cause Description: The /campaign.php script directly incorporates user input from the cname parameter into SQL queries without proper sanitization or validation. This oversight allows attackers to inject malicious SQL code, enabling unauthorized database manipulations. ???? Impact Unauthorized Database Access: Potential to read sensitive data. Data Leakage: Exposure of confidential information. Data Tampering: Ability to modify or delete records. System Control: Possibility of full system compromise. Service Interruption: Disruption of normal operations.
المصدر⚠️ https://github.com/isRainy/VULDB/blob/main/Blood_Bank_Management_System.md
المستخدم
 1905589289 (UID 79521)
ارسال28/12/2024 11:54 AM (1 سنة منذ)
الاعتدال28/12/2024 08:18 PM (8 hours later)
الحالةتمت الموافقة
إدخال VulDB289715 [Codezips Blood Bank Management System 1.0 /campaign.php cname حقن SQL]
النقاط20

التالي نظرة عامة السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!