| Titolo | SourceCodester Online Mobile Management Store 1.0 Unauthenticated SQL Injection |
|---|
| Descrizione | The code in 'view_order.php' directly uses the $_GET['id'] parameter in the SQL query without proper sanitization or validation. An attacker could manipulate the id parameter in the URL to inject malicious SQL code, potentially leading to unauthorized access or data manipulation. |
|---|
| Fonte | ⚠️ https://github.com/vanitashtml/CVE-Dumps/blob/main/Unauthenticated%20SQL%20Injection%20-%20Mobile%20Management%20Store.md |
|---|
| Utente | rjavenido22 (UID 64261) |
|---|
| Sottomissione | 03/03/2024 05:47 (2 anni fa) |
|---|
| Moderazione | 03/03/2024 17:01 (11 hours later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 255586 [SourceCodester Online Mobile Management Store 1.0 view_product.php ID iniezione SQL] |
|---|
| Punti | 18 |
|---|