提出 #580167: PHPGurukul CREDIT CARD Application Management System Using PHP and MySQL 1.0 SQL Injection情報

タイトルPHPGurukul CREDIT CARD Application Management System Using PHP and MySQL 1.0 SQL Injection
説明A Time-Based Blind SQL Injection vulnerability was discovered in the Credit Card Application Management System v1.0 by PHPGurukul. The issue affects the username parameter in the login endpoint (/ccams/admin/index.php). Using crafted payloads, an unauthenticated attacker can inject SQL commands and extract sensitive data such as admin credentials, email addresses, and phone numbers from the backend MySQL database (ccamsdb). The vulnerability allows complete compromise of the application’s authentication mechanism.
ソース⚠️ https://github.com/GIRISH05/Credit-card-application-management-system/blob/main/SQL-Injection.md
ユーザー
 girishbo (UID 85185)
送信2025年05月18日 12:24 (1 年 ago)
モデレーション2025年05月18日 17:34 (5 hours later)
ステータス承諾済み
VulDBエントリ309504 [PHPGurukul Credit Card Application Management System 1.0 /admin/index.php ユーザー名 SQLインジェクション]
ポイント20

Do you know our Splunk app?

Download it now for free!