| タイトル | Best employee management system in php print1.php V1.0 SQL Injection |
|---|
| 説明 | hr_softadmin/print1.php file line 104 php method gets user input from the GET element. The value of this element is then passed to the code without proper sanitisation or validation, and is ultimately used in the php method on line 108 of the hr_softadminprint1.php file for database queries. This can lead to SQL injection attacks.
baiyunjian has discovered that due to insufficient protection of the "id" parameter in the "admin/print1.php" file, "Best employee management system in php" there is a serious security vulnerability in the This vulnerability may be used to inject malicious SQL queries, resulting in unauthorized access and extraction of sensitive information from the database. |
|---|
| ソース | ⚠️ https://github.com/Hefei-Coffee/cve/issues/2 |
|---|
| ユーザー | baiyunjian (UID 82187) |
|---|
| 送信 | 2025年03月04日 10:35 (1 年 ago) |
|---|
| モデレーション | 2025年03月06日 15:21 (2 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 298796 [SourceCodester Best Employee Management System 1.0 /admin/print1.php 識別子 SQLインジェクション] |
|---|
| ポイント | 20 |
|---|