إرسال #838559: yashpokharna2555 restaurent-management-system 1 SQL Injectionالمعلومات

عنوانyashpokharna2555 restaurent-management-system 1 SQL Injection
الوصفA vulnerability has been found in yashpokharna2555 restaurent-management-system. The password reset entrypoint `forgotpassword.php` uses the attacker-controlled `email` POST parameter directly in SQL statements without parameterization. Specifically, the application concatenates `$_POST['email']` into both a SELECT query for reset lookup and an UPDATE query for reset token write-back. Dynamic verification confirmed exploitable blind SQL injection, including boolean-based blind and time-based blind techniques. The backend DBMS was identified as MySQL and the current database name `testing` could be retrieved.
المصدر⚠️ https://github.com/yashpokharna2555/restaurent-management-system/issues/3
المستخدم
 wr0ld (UID 98487)
ارسال27/05/2026 10:31 AM (1 شهر منذ)
الاعتدال27/06/2026 08:10 PM (1 month later)
الحالةتمت الموافقة
إدخال VulDB374493 [yashpokharna2555 restaurent-management-system POST Parameter /forgotpassword.php email حقن SQL]
النقاط20

Do you want to use VulDB in your project?

Use the official API to access entries easily!