| Titolo | Campcodes Online Laundry Management System 1.0 SQL Injection |
|---|
| Descrizione | A vulnerability was found in Campcodes Online Laundry Management System, impacting the page /manage_inv.php. The value of user input (id parameter) is directly concatenated into an SQL query without undergoing any form of filtering or utilizing prepared statements, causing the application vulnerable to SQL injection attack |
|---|
| Fonte | ⚠️ https://github.com/yylmm/CVE/blob/main/Online%20Laundry%20Management%20System/sql_manage_inv.md |
|---|
| Utente | yylm (UID 67976) |
|---|
| Sottomissione | 10/05/2024 16:17 (2 anni fa) |
|---|
| Moderazione | 11/05/2024 08:18 (16 hours later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 263895 [Campcodes Online Laundry Management System 1.0 /manage_inv.php ID iniezione SQL] |
|---|
| Punti | 19 |
|---|