| عنوان | Best employee management system in php print1.php V1.0 SQL Injection |
|---|
| الوصف | hr_softadmin/print1.php file line 104 php method gets user input from the GET element. The value of this element is then passed to the code without proper sanitisation or validation, and is ultimately used in the php method on line 108 of the hr_softadminprint1.php file for database queries. This can lead to SQL injection attacks.
baiyunjian has discovered that due to insufficient protection of the "id" parameter in the "admin/print1.php" file, "Best employee management system in php" there is a serious security vulnerability in the This vulnerability may be used to inject malicious SQL queries, resulting in unauthorized access and extraction of sensitive information from the database. |
|---|
| المصدر | ⚠️ https://github.com/Hefei-Coffee/cve/issues/2 |
|---|
| المستخدم | baiyunjian (UID 82187) |
|---|
| ارسال | 04/03/2025 10:35 AM (1 سنة منذ) |
|---|
| الاعتدال | 06/03/2025 03:21 PM (2 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 298796 [SourceCodester Best Employee Management System 1.0 /admin/print1.php معرف حقن SQL] |
|---|
| النقاط | 20 |
|---|