Enviar #648959: itsourcecode Online Public Access Catalog (OPAC) 1 SQL Injectioninformación

Títuloitsourcecode Online Public Access Catalog (OPAC) 1 SQL Injection
DescripciónThe mysearch.php file of the application is vulnerable to multiple forms of SQL Injection due to unsanitized user input being concatenated directly into SQL statements. Attackers can manipulate the search_field and search_text POST parameters to inject malicious SQL. This allows for boolean-based blind, time-based blind, and UNION-based injection techniques, enabling database enumeration and data exfiltration.
Fuente⚠️ https://github.com/drew-byte/Online-Public-Access-Catalog-OPAC-SQLi-PoC/blob/main/README.md
Usuario
 drewbyte (UID 89075)
Sumisión2025-09-05 20:01 (hace 8 meses)
Moderación2025-09-17 07:55 (11 days later)
EstadoAceptado
Entrada de VulDB324609 [itsourcecode Online Public Access Catalog OPAC 1.0 POST Parameter mysearch.php search_field/search_text inyección SQL]
Puntos20

AnteriorVisión De ConjuntoPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!