जमा करें #580167: PHPGurukul CREDIT CARD Application Management System Using PHP and MySQL 1.0 SQL Injectionजानकारी

शीर्षकPHPGurukul CREDIT CARD Application Management System Using PHP and MySQL 1.0 SQL Injection
विवरणA Time-Based Blind SQL Injection vulnerability was discovered in the Credit Card Application Management System v1.0 by PHPGurukul. The issue affects the username parameter in the login endpoint (/ccams/admin/index.php). Using crafted payloads, an unauthenticated attacker can inject SQL commands and extract sensitive data such as admin credentials, email addresses, and phone numbers from the backend MySQL database (ccamsdb). The vulnerability allows complete compromise of the application’s authentication mechanism.
स्रोत⚠️ https://github.com/GIRISH05/Credit-card-application-management-system/blob/main/SQL-Injection.md
उपयोगकर्ता
 girishbo (UID 85185)
सबमिशन18/05/2025 12:24 PM (1 वर्ष पहले)
संयम18/05/2025 05:34 PM (5 hours later)
स्थितिस्वीकृत
VulDB प्रविष्टि309504 [PHPGurukul Credit Card Application Management System 1.0 /admin/index.php उपयोगकर्ता नाम SQL इंजेक्शन]
अंक20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!