| शीर्षक | SourceCodester SourceCodester KLiK Social Media Website v1.0.1 SQL Injection |
|---|
| विवरण | SQL Injection vulnerability in /includes/get_message_ajax.php via c_id parameter. Unauthenticated attackers can execute arbitrary SQL commands using time-based blind injection (SLEEP(5)) and UNION-based injection to extract database information including user credentials, private messages, and system data. |
|---|
| स्रोत | ⚠️ https://github.com/msaad1999/KLiK-SocialMediaWebsite |
|---|
| उपयोगकर्ता | g111 (UID 92409) |
|---|
| सबमिशन | 05/04/2026 07:54 AM (21 दिन पहले) |
|---|
| संयम | 24/04/2026 10:22 PM (20 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 359561 [KLiK SocialMediaWebsite तक 1.0.1 Private Message get_message_ajax.php c_id SQL इंजेक्शन] |
|---|
| अंक | 18 |
|---|