إرسال #797302: SourceCodester SourceCodester KLiK Social Media Website v1.0.1 SQL Injectionالمعلومات

عنوانSourceCodester SourceCodester KLiK Social Media Website v1.0.1 SQL Injection
الوصفSQL Injection vulnerability in /includes/get_message_ajax.php via c_id parameter. Unauthenticated attackers can execute arbitrary SQL commands using time-based blind injection (SLEEP(5)) and UNION-based injection to extract database information including user credentials, private messages, and system data.
المصدر⚠️ https://github.com/msaad1999/KLiK-SocialMediaWebsite
المستخدم
 g111 (UID 92409)
ارسال05/04/2026 07:54 AM (21 أيام منذ)
الاعتدال24/04/2026 10:22 PM (20 days later)
الحالةتمت الموافقة
إدخال VulDB359561 [KLiK SocialMediaWebsite حتى 1.0.1 Private Message get_message_ajax.php c_id حقن SQL]
النقاط18

التالي نظرة عامة السابق

Interested in the pricing of exploits?

See the underground prices here!