Enviar #388771: SourceCodester Sourcecodester Car Driving School Management System 1.0 SQL injectioninformación

TítuloSourceCodester Sourcecodester Car Driving School Management System 1.0 SQL injection
DescripciónAfter receiving the id parameter passed in through the get method in the User.php file, it is directly spliced into the SQL query statement for execution without any security filtering. An attacker can use this parameter to perform SQL injection to read arbitrary database information.
Fuente⚠️ https://github.com/BFS-Lab/BFSDV/blob/main/Sourcecodester%20Online%20Catering%20Reservation%20System%20SQL%20Injection-5.md
Usuario
 BFS-Lab (UID 73306)
Sumisión2024-08-10 06:25 (hace 2 años)
Moderación2024-08-10 10:19 (4 hours later)
EstadoAceptado
Entrada de VulDB274125 [SourceCodester Car Driving School Management System 1.0 User.php delete_users ID inyección SQL]
Puntos17

AnteriorVisión De ConjuntoPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!