| Título | SourceCodester Best House Rental Management System 1.0 SQL Injection |
|---|
| Descripción | At "/index.php?page=view_payment&id=abc", the GET parameter id is untrusted data and goes directly into an SQL query without any sanitization or validation, this allows any authenticated user can do an SQL injection, which could damage the entire database. |
|---|
| Fuente | ⚠️ https://drive.google.com/file/d/1UeP0zPOIJ3KgfWMh5IrnkDLeJjrIP4eG/view?usp=sharing |
|---|
| Usuario | dwgth4i (UID 74608) |
|---|
| Sumisión | 2024-09-09 12:57 (hace 2 años) |
|---|
| Moderación | 2024-09-09 16:53 (4 hours later) |
|---|
| Estado | Duplicado |
|---|
| Entrada de VulDB | 265073 [SourceCodester Best House Rental Management System 1.0 view_payment.php ID inyección SQL] |
|---|
| Puntos | 0 |
|---|