Enviar #268619: Project Worlds timetable unknown SQL injection at course_ajax.phpinformación

TítuloProject Worlds timetable unknown SQL injection at course_ajax.php
DescripciónProduct link : https://projectworlds.in/online-time-table-generator-php-mysql/ ## Vulnerability Overview: A SQL injection vulnerability has been identified in the `course_ajax.php` script due to improper handling of user input. The vulnerability is associated with the `id` parameter, which is directly incorporated into a SQL query without proper validation and sanitization. https://localhost/course_ajax.php?id=1%27%20OR%20%271%27=%271
Fuente⚠️ https://torada.notion.site/SQL-injection-at-course_ajax-php-485d8cca5f8c43dfb1f76c7336a4a45e
Usuario
 torada (UID 61170)
Sumisión2024-01-16 17:44 (hace 2 años)
Moderación2024-01-19 12:09 (3 days later)
EstadoAceptado
Entrada de VulDB251553 [Project Worlds Online Time Table Generator 1.0 course_ajax.php ID inyección SQL]
Puntos17

AnteriorVisión De ConjuntoPróximo

Want to know what is going to be exploited?

We predict KEV entries!