जमा करें #343373: SourceCodester Online Hospital Management System Using PHP/MySQL V1.0 SQL Injectionजानकारी

शीर्षकSourceCodester Online Hospital Management System Using PHP/MySQL V1.0 SQL Injection
विवरणThe fourth line of the departmentDoctor.php file uses the PHP method to retrieve user input from the $_GET element. Then, the value of this element will be passed to the code without proper purification or validation, and ultimately used for database queries in the PHP method on line 5 of the departmentDoctor.php file. This may lead to SQL injection attacks ZhaoBin Huang has discovered that due to insufficient protection of the "deptid" parameter in the "\departmentDoctor.php" file, "Best courier management system project in php" there is a serious security vulnerability in the This vulnerability may be used to inject malicious SQL queries, resulting in unauthorized access and extraction of sensitive information from the database.database.
स्रोत⚠️ https://github.com/CveSecLook/cve/issues/41
उपयोगकर्ता
 ZhaoBin Huang (UID 69070)
सबमिशन23/05/2024 02:10 PM (2 साल पहले)
संयम25/05/2024 08:08 AM (2 days later)
स्थितिस्वीकृत
VulDB प्रविष्टि266274 [SourceCodester Online Hospital Management System 1.0 departmentDoctor.php deptid SQL इंजेक्शन]
अंक20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!