| Titel | Friendly Island Pizza Website and Ordering System v1.0 /FriendlyIsPizzaWebsite/large.php GET parameter id exists SQL injection vulnerability |
|---|
| Beschreibung | An issue was discovered in Friendly Island Pizza Website and Ordering System v1.0.
There is a SQL injection that can directly issue instructions to the background database system via /FriendlyIsPizzaWebsite/large.php?id.
Payload:id=1 union all select null,null,null,concat(0x31323334,0x21222324,0x41424344),null,null,null,null,null-- |
|---|
| Quelle | ⚠️ https://github.com/tangtangtang123456/bug_report/blob/main/vendors/Skynidnine/Friendly%20Island%20Pizza%20Website%20and%20Ordering%20System/SQLi-1.md |
|---|
| Benutzer | tangtangtang123456 (UID 42577) |
|---|
| Einreichung | 10.03.2023 03:23 (vor 3 Jahren) |
|---|
| Moderieren | 10.03.2023 08:39 (5 hours later) |
|---|
| Status | Akzeptiert |
|---|
| VulDB Eintrag | 222699 [SourceCodester Friendly Island Pizza Website and Ordering System 1.0 GET Parameter large.php ID SQL Injection] |
|---|
| Punkte | 18 |
|---|