| عنوان | code-projects Online Product Reservation System V1.0 SQL Injection |
|---|
| الوصف | A critical SQL injection vulnerability exists in the shopping cart delete functionality. The application directly concatenates POST parameter into SQL DELETE query without validation, allowing attackers to extract database data and manipulate cart contents.
|
|---|
| المصدر | ⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_checkout_delete.php.md |
|---|
| المستخدم | Ho Cherry (UID 94105) |
|---|
| ارسال | 03/01/2026 05:37 PM (4 أشهر منذ) |
|---|
| الاعتدال | 04/01/2026 07:06 PM (1 day later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 339500 [code-projects Online Product Reservation System 1.0 POST Parameter /app/checkout/delete.php معرف حقن SQL] |
|---|
| النقاط | 18 |
|---|