Submit #775171: SourceCodester Sales and Inventory System 1.0 SQL Injection
| Title | SourceCodester Sales and Inventory System 1.0 SQL Injection |
|---|---|
| Description | A SQL injection vulnerability exists in Inventory System version 1.0. The vulnerability occurs in the update_category.php file, where the sid HTTP GET parameter is not properly sanitized. This allows an authenticated attacker to inject arbitrary SQL commands. |
| Source | ⚠️ https:/ |
| User | Anonymous User |
| Submission | 08.03.2026 15:29 (28 days ago) |
| Moderation | 24.03.2026 16:11 (16 days later) |
| Status | Accepted |
| VulDB entry | 352796 [SourceCodester Sales and Inventory System 1.0 HTTP GET Parameter update_category.php sid SQL Injection] |
| Points | 18 |