| शीर्षक | Project Worlds timetable unknown SQL injection at course_ajax.php |
|---|
| विवरण | Product link : https://projectworlds.in/online-time-table-generator-php-mysql/
## Vulnerability Overview:
A SQL injection vulnerability has been identified in the `course_ajax.php` script due to improper handling of user input. The vulnerability is associated with the `id` parameter, which is directly incorporated into a SQL query without proper validation and sanitization.
https://localhost/course_ajax.php?id=1%27%20OR%20%271%27=%271 |
|---|
| स्रोत | ⚠️ https://torada.notion.site/SQL-injection-at-course_ajax-php-485d8cca5f8c43dfb1f76c7336a4a45e |
|---|
| उपयोगकर्ता | torada (UID 61170) |
|---|
| सबमिशन | 16/01/2024 05:44 PM (2 साल पहले) |
|---|
| संयम | 19/01/2024 12:09 PM (3 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 251553 [Project Worlds Online Time Table Generator 1.0 course_ajax.php पहचान SQL इंजेक्शन] |
|---|
| अंक | 17 |
|---|