Enviar #787674: SourceCodester Loan Management System 1.0 SQL Injectioninformación

TítuloSourceCodester Loan Management System 1.0 SQL Injection
DescripciónA SQL injection vulnerability exists in Loan Management System 1.0. The flaw is found in the save_loan action of the file ajax.php. Manipulation of the POST parameter 'borrower_id' leads to time-based blind SQL injection. An authenticated attacker can use the SLEEP() function to exfiltrate database information by observing server response times.
Fuente⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Loan-Management-System/SQLi-SaveLoan-borrowerId.md
Usuario
 Anonymous User
Sumisión2026-03-25 03:03 (hace 25 días)
Moderación2026-04-08 17:14 (15 days later)
EstadoDuplicado
Entrada de VulDB354487 [SourceCodester Loan Management System 1.0 POST Request ajax.php save_loan borrower_id inyección SQL]
Puntos0

AnteriorVisión De ConjuntoPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!