提出 #506350: PHPGurukul News Portal V4.1 SQL Injection情報

タイトルPHPGurukul News Portal V4.1 SQL Injection
説明A SQL injection vulnerability was found in the '/login.php' file of the 'News Portal ' project. The reason for this issue is that attackers inject malicious code from the parameter 'id' and use it directly in SQL queries without the need for appropriate cleaning or validation. This allows attackers to forge input values, thereby manipulating SQL queries and performing unauthorized operations.
ソース⚠️ https://github.com/panghuanjie/Code-audits/issues/2
ユーザー
 panghuanjie66 (UID 81900)
送信2025年02月24日 20:04 (1 年 ago)
モデレーション2025年03月02日 21:27 (6 days later)
ステータス承諾済み
VulDBエントリ298127 [PHPGurukul News Portal 4.1 /login.php 識別子 SQLインジェクション]
ポイント19

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!