Soumettre #715574: phpok3w 1.0 SQL Injectioninformation

Titrephpok3w 1.0 SQL Injection
DescriptionThe article display function on the phpok3w front-end contains an SQL injection vulnerability. The application directly concatenates user-supplied GET parameters into SQL queries without proper validation or sanitization. An unauthenticated attacker can inject malicious input to tamper with the SQL query structure, leading to unexpected database query execution. This vulnerability allows attackers to modify SQL logic and potentially execute UNION-based queries to access sensitive database information.
La source⚠️ https://gitee.com/9786/phpok3w/issues/IDD1IZ
Utilisateur
 formanagain (UID 93347)
Soumission15/12/2025 07:54 (il y a 4 mois)
Modérer27/12/2025 11:21 (12 days later)
StatutAccepté
Entrée VulDB338520 [9786 phpok3w show.php ID injection SQL]
Points20

PrécédentAperçuSuivant

Do you need the next level of professionalism?

Upgrade your account now!