Enviar #780399: code-projects Student Membership System 1.0 SQL Injectioninformación

Títulocode-projects Student Membership System 1.0 SQL Injection
DescripciónThe member deletion function directly concatenates $_POST['id'] into the SQL delete statement. An attacker could modify the ID parameter to delete any member record, or even execute other malicious operations via SQL injection. Impact: An attacker could delete all member data; by injecting a DROP TABLE command, they could delete the entire database table, resulting in permanent data loss.
Fuente⚠️ https://github.com/maidangdang1/CVE/issues/2
Usuario
 nomath (UID 96446)
Sumisión2026-03-15 10:34 (hace 21 días)
Moderación2026-03-31 00:24 (16 days later)
EstadoAceptado
Entrada de VulDB354294 [code-projects Student Membership System 1.0 /delete_member.php ID inyección SQL]
Puntos20

AnteriorVisión De ConjuntoPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!