| शीर्षक | keerti1924 Online-Book-Store-Website 1.0 SQL Injection |
|---|
| विवरण | The 'search.php' script in keerti1924's Online-Book-Store-Website is vulnerable to SQL Injection, allowing attackers to execute arbitrary SQL commands and gain unauthorized access to the underlying database. This could lead to unauthorized data disclosure, data manipulation, and potential data loss, compromising the confidentiality, integrity, and availability of the system and its data. By injecting a crafted payload into the 'search' parameter, an attacker can exploit this vulnerability to retrieve sensitive information from the database, such as version details. To mitigate this issue, developers should implement robust input validation and parameterized queries to sanitize user input and prevent SQL Injection attacks. Regular security assessments and code reviews are also recommended to detect and remediate such vulnerabilities in the application's codebase. |
|---|
| स्रोत | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/keerti1924%20Online-Book-Store-Website/SQL%20Injection%20Search/SQL%20Injection%20in%20search.php%20.md |
|---|
| उपयोगकर्ता | nochizplz (UID 64302) |
|---|
| सबमिशन | 25/02/2024 05:15 PM (2 साल पहले) |
|---|
| संयम | 07/03/2024 03:35 PM (11 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 256039 [keerti1924 Online-Book-Store-Website 1.0 /search.php खोज SQL इंजेक्शन] |
|---|
| अंक | 20 |
|---|