| Titre | Code-projects Assessment Management v1.0 SQL injection |
|---|
| Description | A SQL injection vulnerability was identified within the "add-module.php" file of the "Assessment Management" project. The root cause lies in the fact that attackers can inject malicious code via the parameter "linked%5B%5D". This input is then directly utilized in SQL queries without undergoing proper sanitization or validation processes. As a result, attackers are able to fabricate input values, manipulate SQL queries, and execute unauthorized operations. Immediate corrective actions are essential to safeguard system security and uphold data integrity. |
|---|
| La source | ⚠️ https://github.com/Limingqian123/CVE/issues/3 |
|---|
| Utilisateur | Mobird (UID 93849) |
|---|
| Soumission | 26/12/2025 03:53 (il y a 3 mois) |
|---|
| Modérer | 28/12/2025 11:06 (2 days later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 338582 [code-projects Assessment Management 1.0 /admin/add-module.php linked[] injection SQL] |
|---|
| Points | 20 |
|---|