| タイトル | code-projects.org Smart Parking System In PHP 1.0 SQL Injection |
|---|
| 説明 | While testing open-source PHP applications for security vulnerabilities, I identified a Critical SQL Injection vulnerability in the Smart Parking System In PHP available on code-projects.org. The vulnerability allows unauthenticated or authenticated attackers to perform UNION-based and Time-based Blind SQL Injection, leading to full database enumeration, credential disclosure, and Arbitrary File Read via excessive database privileges. |
|---|
| ソース | ⚠️ https://medium.com/@avdzav10/sql-injection-leading-to-arbitrary-file-read-in-smart-parking-system-php-2cd5b084f9e1 |
|---|
| ユーザー | anubhav106 (UID 98769) |
|---|
| 送信 | 2026年06月04日 20:02 (30 日 ago) |
|---|
| モデレーション | 2026年07月04日 10:56 (30 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 376317 [code-projects Smart Parking System 1.0 /parkings/parkings.php street/city/status SQLインジェクション] |
|---|
| ポイント | 20 |
|---|