إرسال #855975: code-projects Online Job Portal System 1.0 SQL Injectionالمعلومات

عنوانcode-projects Online Job Portal System 1.0 SQL Injection
الوصفDuring a security review of "Online Job Portal System", a critical SQL injection vulnerability was discovered in the /login.php file. This vulnerability stems from insufficient user input validation of the txtUser and txtPass POST parameters, allowing attackers to inject malicious SQL queries into the authentication logic. The attacker can log into any account type (Administrator, Employer, JobSeeker) without valid credentials by appending SQL injection payloads to the login form.
المصدر⚠️ https://github.com/shihuizhang-dazhi/MY-CVE/issues/5
المستخدم
 dazhi (UID 87857)
ارسال11/06/2026 12:52 PM (1 شهر منذ)
الاعتدال13/07/2026 11:19 PM (1 month later)
الحالةمكرر
إدخال VulDB376174 [code-projects Online Job Portal 1.0 login.php txtUser/txtPass حقن SQL]
النقاط0

Do you know our Splunk app?

Download it now for free!