| Titolo | code-projects Simple Leave Manager 1.0 SQL Injection |
|---|
| Descrizione | In the user.php file of Simple Leave Manager, theuser table parameter is obtained, and the SQL statement is concatenated to the SQL statement without filtering the execution, resulting in SQL injection vulnerabilities and server permissions |
|---|
| Fonte | ⚠️ https://github.com/asd1238525/cve/blob/main/SQL8.md |
|---|
| Utente | 86xx (UID 91400) |
|---|
| Sottomissione | 08/10/2025 10:55 (9 mesi fa) |
|---|
| Moderazione | 09/10/2025 14:10 (1 day later) |
|---|
| Stato | Accettato |
|---|
| Voce VulDB | 327716 [code-projects Simple Leave Manager 1.0 /user.php table iniezione SQL] |
|---|
| Punti | 17 |
|---|