| Título | haxxorsid stock-management-system 1.0 SQL Injection |
|---|
| Descripción | haxxorsid/stock-management-system uses string concatenation to construct SQL statements to query data, but does not filter all the variables involved in concatenation, resulting in unauthorized users can inject malicious SQL statements to query sensitive data or perform malicious database operations. |
|---|
| Fuente | ⚠️ https://github.com/ixpqxi/CVE_LIST/blob/master/stock_management_system/sql_injection_vulnerability.md |
|---|
| Usuario | ixpqxi (UID 83247) |
|---|
| Sumisión | 2025-12-01 04:00 (hace 6 meses) |
|---|
| Moderación | 2025-12-12 12:14 (11 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 336192 [haxxorsid Stock-Management-System hasta fbbbf213e9c93b87183a3891f77e3cc7095f22b0 model/User.php employee_id/id/admin inyección SQL] |
|---|
| Puntos | 17 |
|---|