| タイトル | code-projects Online Food Ordering System 1.0 SQL Injection |
|---|
| 説明 | A vulnerability classified as critical has been found in code-projects.org Online Food Ordering System 1.0. This vulnerability affects an unknown function of the file /admin.php of the component Admin Login Module. The manipulation of the argument username leads to SQL injection. The injection occurs prior to authentication allowing unauthenticated remote attackers to execute arbitrary SQL commands via the login form. It is possible to launch the attack remotely with no privileges required and no user interaction needed. |
|---|
| ソース | ⚠️ https://gist.github.com/HxH404/8e5bd42c0f968a92a23edc5e7b879955 |
|---|
| ユーザー | Abhiram T (UID 96000) |
|---|
| 送信 | 2026年03月10日 08:07 (27 日 ago) |
|---|
| モデレーション | 2026年03月25日 15:47 (15 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 353149 [code-projects Online Food Ordering System 1.0 Admin Login /admin.php ユーザー名 SQLインジェクション] |
|---|
| ポイント | 20 |
|---|