إرسال #673773: code-projects Client Details System V1.0 SQL Injectionالمعلومات

عنوانcode-projects Client Details System V1.0 SQL Injection
الوصفA critical SQL Injection vulnerability exists in clientdetails/welcome.php via the ID GET parameter. The application embeds ID unescaped into backend SQL, enabling attackers to alter query logic and inject additional statements. Because input is not sanitized and prepared statements are not used, the endpoint is susceptible to multiple exploitation techniques.
المصدر⚠️ https://github.com/hellonewbie/tutorial/issues/6
المستخدم
 ZengY (UID 91559)
ارسال12/10/2025 11:02 AM (8 أشهر منذ)
الاعتدال26/10/2025 05:59 AM (14 days later)
الحالةتمت الموافقة
إدخال VulDB329914 [code-projects Client Details System 1.0 GET Parameter welcome.php معرف حقن SQL]
النقاط19

التالي نظرة عامة السابق

Do you need the next level of professionalism?

Upgrade your account now!