| タイトル | code-projects Easy Blog Site V1.0 SQL Injection |
|---|
| 説明 | This code is used to query whether the current account exists in the database. At the same time, the username and password have not been filtered in any way, nor have they been normalized through function conversion, which allows any password to successfully log in to the account. For example: set username=admin' -- q The password can be filled in at will, and you can log in to the user |
|---|
| ソース | ⚠️ https://github.com/MyMySSS/cve/blob/main/cve.md |
|---|
| ユーザー | MyMy (UID 96642) |
|---|
| 送信 | 2026年03月23日 13:49 (1 月 ago) |
|---|
| モデレーション | 2026年04月05日 22:41 (13 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 355434 [code-projects Easy Blog Site 1.0 login.php username/password SQLインジェクション] |
|---|
| ポイント | 20 |
|---|