| शीर्षक | code-projects Online Product Reservation system V1.0 SQL Injection |
|---|
| विवरण | A critical SQL injection vulnerability exists in the product editing functionality. The application directly concatenates user input from both GET and POST parameters into SQL queries without validation, allowing attackers to extract sensitive database data and modify product information. |
|---|
| स्रोत | ⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_admin_edit.php.md |
|---|
| उपयोगकर्ता | Ho Cherry (UID 94105) |
|---|
| सबमिशन | 03/01/2026 12:13 PM (5 महीनों पहले) |
|---|
| संयम | 03/01/2026 05:02 PM (5 hours later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 339463 [code-projects Online Product Reservation System 1.0 POST Parameter edit.php prod_id/name/price/model/serial SQL इंजेक्शन] |
|---|
| अंक | 17 |
|---|