| Titre | Online Graduate Tracer System sexit.php sql injection |
|---|
| Description | Online Graduate Tracer System sexit.php sql injection
url:tracking/admin/sexit.php
Abstract:
Line 142 of sexit.php invokes a SQL query built using unvalidated input. This call could allow an attacker to modify the statement’s meaning or to execute arbitrary SQL commands.
Explanation:
SQL injection errors occur when:
Data enters a program from an untrusted source.
The data is used to dynamically construct a SQL query.
In this case the data is passed to mysqli_query() in sexit.php at line 142.
Download Code:
https://www.sourcecodester.com/php/15904/online-graduate-tracer-system-college-ict-alumni.html |
|---|
| La source | ⚠️ https://blog.csdn.net/weixin_43864034/article/details/132508000 |
|---|
| Utilisateur | trutle965 (UID 53355) |
|---|
| Soumission | 26/08/2023 03:41 (il y a 3 ans) |
|---|
| Modérer | 26/08/2023 17:53 (14 hours later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 238154 [SourceCodester Online Graduate Tracer System 1.0 sexit.php mysqli_query ID injection SQL] |
|---|
| Points | 20 |
|---|