إرسال #471112: code-projects Chat System 1.0.0.00 SQL Injectionالمعلومات

عنوانcode-projects Chat System 1.0.0.00 SQL Injection
الوصفIn the file 'update_user.php' located at /admin/update_user.php, there is a possibility of performing SQL injection on the 'name and id' parameter. This allows attackers to inject malicious SQL code into the query. For example, if the name and id parameter is set to: error-based: script=1' AND 4381=(SELECT (CASE WHEN (4381=4381) THEN 4381 ELSE (SELECT 6122 UNION SELECT 5924) END))-- -
المصدر⚠️ https://code-projects.org/chat-system-using-php-source-code/
المستخدم
 Havook (UID 71104)
ارسال28/12/2024 04:18 PM (2 سنوات منذ)
الاعتدال29/12/2024 04:38 PM (1 day later)
الحالةتمت الموافقة
إدخال VulDB289768 [code-projects Chat System 1.0 /admin/update_user.php معرف حقن SQL]
النقاط20

Might our Artificial Intelligence support you?

Check our Alexa App!