| शीर्षक | sourcecodester Survey Application System 1.0 SQL Injection |
|---|
| विवरण | view_survey.php directly interpolates $_GET['id'] into an SQL statement without validation or prepared statements. An attacker controlling the id parameter can inject SQL that does not return visible differences but creates measurable delays on the database server. This enables time-based blind SQL injection. The vulnerability is exploitable remotely and without authentication. |
|---|
| स्रोत | ⚠️ https://github.com/lakshayyverma/CVE-Discovery/blob/main/Survey%20Application%20System%202%20.md |
|---|
| उपयोगकर्ता | lakshay12311 (UID 91298) |
|---|
| सबमिशन | 26/10/2025 10:48 AM (6 महीनों पहले) |
|---|
| संयम | 12/11/2025 01:43 PM (17 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 332187 [SourceCodester Survey Application System 1.0 /view_survey.php पहचान SQL इंजेक्शन] |
|---|
| अंक | 20 |
|---|