जमा करें #849494: mjperpinosa stumasy 327d1b0f2915ba79d7ef8ebb74553e987609d9be SQL Injectionजानकारी

शीर्षकmjperpinosa stumasy 327d1b0f2915ba79d7ef8ebb74553e987609d9be SQL Injection
विवरणThe affected component is `application/PHP/objects/notes/search_scratch_data.php`, which passes the user-controlled `field_name` parameter into `Notes_controller::search_scratch_data()`. The controller concatenates `field_name` into the SQL structure three times: ```php $field_name = $_POST["field_name"]; ... $select_statement = $this->db_holder->prepare("SELECT sd.* FROM scratch_data AS sd, users_scratch_data AS usd, users AS u WHERE sd.scratch_data_id = usd.scratch_data_id AND u.user_id = usd.user_id AND u.user_id = ? AND (".$field_name." LIKE ? OR ".$field_name." LIKE ? OR ".$field_name." LIKE ?) ORDER BY date_added, time_added ASC;"); $select_statement->execute(array($_SESSION["user_id"], "%".$value, "%".$value."%", $value."%")); ``` An authenticated attacker can inject SQL expressions such as `scratch_data) OR SLEEP(1) OR (scratch_data` through `field_name`, causing measurable database delays. This is a blind SQL injection that can be used to infer database contents.
स्रोत⚠️ https://github.com/mjperpinosa/stumasy/issues/7
उपयोगकर्ता
 cnluminous (UID 98136)
सबमिशन05/06/2026 04:48 PM (30 दिन पहले)
संयम04/07/2026 05:50 PM (29 days later)
स्थितिस्वीकृत
VulDB प्रविष्टि376340 [mjperpinosa stumasy तक 327d1b0f2915ba79d7ef8ebb74553e987609d9be search_scratch_data.php search_scratch_data field_name SQL इंजेक्शन]
अंक20

Want to stay up to date on a daily basis?

Enable the mail alert feature now!