Invia #332545: Kashipara Complete Web-Based School Management System ≤1.0 SQL Injectioninformazioni

TitoloKashipara Complete Web-Based School Management System ≤1.0 SQL Injection
DescrizioneSQL injection vulnerability exists in date_of_birth parameter of submit_student.php file of College Management System Important user data or system data may be leaked and system security may be compromised The environment is secure and the information can be used by malicious users. Payload: date_of_birth=1'+(SELECT 1 AND (SELECT 1 FROM (SELECT(SLEEP(10)))v))+'
Fonte⚠️ https://github.com/E1CHO/cve_hub/blob/main/College%20Management%20System/College%20Management%20System%20-%20vuln%203.pdf
Utente
 SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (UID 38936)
Sottomissione10/05/2024 16:43 (2 anni fa)
Moderazione12/05/2024 07:37 (2 days later)
StatoAccettato
Voce VulDB263920 [Kashipara College Management System 1.0 submit_student.php date_of_birth iniezione SQL]
Punti19

PrecedenteVisione D'ensembleIl prossimo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!