| Titolo | SourceCodester Employee Management System 1.0 Sql Injection |
|---|
| Descrizione | A critical SQL injection vulnerability exists in the SourceCodester Employee Management System's psubmit.php script, allowing attackers to inject malicious SQL code via the pid parameter. Exploiting this flaw could lead to unauthorized access to sensitive data or modification of database records. Remediation involves implementing input validation and parameterized queries to prevent injection attacks, alongside regular security assessments to maintain robust protection. |
|---|
| Fonte | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/SOURCECODESTER%20EMPLOYEE%20MANAGEMENT%20SYSTEM/Employee%20Project%20SQL%20Injection%20Update.md |
|---|
| Utente | nochizplz (UID 64302) |
|---|
| Sottomissione | 24/02/2024 11:49 (2 anni fa) |
|---|
| Moderazione | 25/02/2024 19:30 (1 day later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 254724 [SourceCodester Employee Management System 1.0 /psubmit.php pid iniezione SQL] |
|---|
| Punti | 20 |
|---|