Submit #731091: code-projects Online Product Reservation system V1.0 SQL Injectioninfo

Titelcode-projects Online Product Reservation system V1.0 SQL Injection
BeschreibungA critical SQL injection vulnerability exists in the product editing functionality. The application directly concatenates user input from both GET and POST parameters into SQL queries without validation, allowing attackers to extract sensitive database data and modify product information.
Quelle⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_admin_edit.php.md
Benutzer
 Ho Cherry (UID 94105)
Einreichung03.01.2026 12:13 (vor 5 Monaten)
Moderieren03.01.2026 17:02 (5 hours later)
StatusAkzeptiert
VulDB Eintrag339463 [code-projects Online Product Reservation System 1.0 POST Parameter edit.php prod_id/name/price/model/serial SQL Injection]
Punkte17

ZurückÜbersichtWeiter

Want to stay up to date on a daily basis?

Enable the mail alert feature now!