| عنوان | SQL injection vulnerability exists in Hostel searching project |
|---|
| الوصف | After the environment is built,Go to view-property.php,We can see the parameter property following the url_ ID is controllable。property_ ID is assigned to $property_ The ID variable is then brought into the database for query, and the query result is returned. During this process, the property_ The ID is brought into the database without being filtered, thus creating a SQL injection vulnerability |
|---|
| المصدر | ⚠️ https://github.com/itzmehedi/Hostel-searching-project-using-PHP-Mysql/issues/1 |
|---|
| المستخدم | ace. (UID 34853) |
|---|
| ارسال | 17/11/2022 06:54 AM (4 سنوات منذ) |
|---|
| الاعتدال | 17/11/2022 04:07 PM (9 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 213844 [Hostel Searching Project view-property.php property_id حقن SQL] |
|---|
| النقاط | 20 |
|---|