| عنوان | https://www.sourcecodester.com/php/15373 online-banking-management-system 1.0 SQL Injection |
|---|
| الوصف | No authentication is required. Directly access the file bank/statements.php, capture the data packet, and modify it to be sent via the POST method. The POST request should carry the parameter "email",”userLogin”,”password”. You can use the SQLMAP tool to verify the vulnerability; the parameter "email" has a SQL injection vulnerability, through which sensitive database information can be obtained. |
|---|
| المصدر | ⚠️ http://127.0.0.1/bank/statements.php |
|---|
| المستخدم | firewall (UID 88901) |
|---|
| ارسال | 11/08/2025 12:22 PM (10 أشهر منذ) |
|---|
| الاعتدال | 14/08/2025 09:05 AM (3 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 320087 [SourceCodester Online Bank Management System حتى 1.0 /bank/statements.php email حقن SQL] |
|---|
| النقاط | 20 |
|---|