提出 #496087: Needyamin Library-Card-System 1.0 SQL Injection
| タイトル | Needyamin Library-Card-System 1.0 SQL Injection |
|---|---|
| 説明 | Title of the Vulnerability: Needyamin | Library-Card-System 1.0 | card.php?id= SQL Injection | Found By Maloy Roy Orko Finder & Exploit Owner: Maloy Roy Orko Vulnerability Class: SQL Injection Product Name: Library-Card-System Vendor: needyamin Vendor Link: https://github.com/needyamin/ Vulnerable Product Link: https://github.com/needyamin/Library-Card-System/ Affected Components: ID Parameters Suggested Description: SQL Injection in "id parameter" in "Library-Card-System By needyamin v 1.0" allows "remote" attacker "to dump database as this isn't protected" via "card.php?id=" Attack Vectors: To exploit vulnerability,he has to input exploits via parameters and then he can dump whole database. Detailed Blog: https://www.websecurityinsights.my.id/2025/02/needyamin-library-card-system-10.html |
| ソース | ⚠️ https:/ |
| ユーザー | MaloyRoyOrko (UID 79572) |
| 送信 | 2025年02月06日 16:38 (1 年 ago) |
| モデレーション | 2025年02月15日 16:30 (9 days later) |
| ステータス | 承諾済み |
| VulDBエントリ | 295964 [needyamin Library Card System 1.0 card.php 識別子 SQLインジェクション] |
| ポイント | 20 |