जमा करें #510360: https://phpgurukul.com/human-metapneumovirus-hmpv-testing-manage Human Metapneumovirus (HMPV) – Testing Management System 1.0 SQL Injectionजानकारी

शीर्षकhttps://phpgurukul.com/human-metapneumovirus-hmpv-testing-manage Human Metapneumovirus (HMPV) – Testing Management System 1.0 SQL Injection
विवरणA SQL injection vulnerability exists in the login functionality of the `login.php` page. An attacker can bypass the normal authentication mechanism by entering a malicious SQL statement (e.g., `' OR 1=1 -- `) in the username input field and entering any value or leaving the password field blank. After clicking the login button, the system will execute the modified SQL query, allowing the attacker to log in directly and be redirected to the `dashboard.php` page. This vulnerability may allow attackers to access the system without valid credentials, thereby obtaining sensitive information (such as user data and business data) and performing malicious operations on the database (such as modifying or deleting data), posing a serious threat to the security and stability of the system.
स्रोत⚠️ https://github.com/sorcha-l/cve/blob/main/Human%20Metapneumovirus%20(HMPV)%20%E2%80%93%20Testing%20Management%20System%20%20SQL%20Injection%20Vulnerability.md
उपयोगकर्ता
 lxk_ (UID 81990)
सबमिशन27/02/2025 06:13 AM (1 वर्ष पहले)
संयम04/03/2025 05:06 PM (5 days later)
स्थितिस्वीकृत
VulDB प्रविष्टि298555 [PHPGurukul Human Metapneumovirus Testing Management System 1.0 /login.php उपयोगकर्ता नाम SQL इंजेक्शन]
अंक20

Interested in the pricing of exploits?

See the underground prices here!