| عنوان | code-projects Online Product Reservation system in PHP with source code V1.0 SQL Injection |
|---|
| الوصف | A critical SQL injection vulnerability exists in the shopping cart functionality. The application directly concatenates POST parameter and session variable into multiple SQL queries (SELECT, UPDATE, INSERT) without validation, allowing attackers to extract data and manipulate cart contents. |
|---|
| المصدر | ⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_left_cart.php.md |
|---|
| المستخدم | Ho Cherry (UID 94105) |
|---|
| ارسال | 03/01/2026 12:20 PM (3 أشهر منذ) |
|---|
| الاعتدال | 04/01/2026 08:01 AM (20 hours later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 339476 [code-projects Online Product Reservation System 1.0 left_cart.php معرف حقن SQL] |
|---|
| النقاط | 18 |
|---|