| عنوان | code-projects Human Resource Integrated System 1.0 SQL Injection |
|---|
| الوصف | The id parameter in login_query12.php is not properly sanitized or parameterized, making it vulnerable to SQL injection. This vulnerability can be exploited by injecting malicious SQL code to manipulate database queries. An attacker could leverage a timing-based SQL injection method to intentionally delay database responses using functions such as SLEEP(). |
|---|
| المصدر | ⚠️ https://github.com/cooorgi/cve/blob/main/hris_sql_log_query12.md |
|---|
| المستخدم | cooorgi (UID 80520) |
|---|
| ارسال | 22/08/2025 08:12 PM (10 أشهر منذ) |
|---|
| الاعتدال | 30/08/2025 06:47 PM (8 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 322040 [code-projects Human Resource Integrated System 1.0 /login_query12.php معرف حقن SQL] |
|---|
| النقاط | 19 |
|---|