| Titel | MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 SQL Injection |
|---|
| Beschreibung | The Online College Event Hall Reservation System has a critical SQL Injection vulnerability in its /login.php script, allowing for authentication bypass. By manipulating the email parameter, attackers can gain unauthorized access to the system. This flaw highlights the necessity of sanitizing and validating user inputs to prevent SQL Injection attacks. |
|---|
| Quelle | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20Auth%20bypass%20-%20login.php.md |
|---|
| Benutzer | nochizplz (UID 64302) |
|---|
| Einreichung | 06.03.2024 16:11 (vor 2 Jahren) |
|---|
| Moderieren | 15.03.2024 17:29 (9 days later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 256951 [MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 /login.php email SQL Injection] |
|---|
| Punkte | 18 |
|---|