提出 #855975: code-projects Online Job Portal System 1.0 SQL Injection情報

タイトルcode-projects Online Job Portal System 1.0 SQL Injection
説明During a security review of "Online Job Portal System", a critical SQL injection vulnerability was discovered in the /login.php file. This vulnerability stems from insufficient user input validation of the txtUser and txtPass POST parameters, allowing attackers to inject malicious SQL queries into the authentication logic. The attacker can log into any account type (Administrator, Employer, JobSeeker) without valid credentials by appending SQL injection payloads to the login form.
ソース⚠️ https://github.com/shihuizhang-dazhi/MY-CVE/issues/5
ユーザー
 dazhi (UID 87857)
送信2026年06月11日 12:52 (1 月 ago)
モデレーション2026年07月13日 23:19 (1 month later)
ステータス重複
VulDBエントリ376174 [code-projects Online Job Portal 1.0 login.php txtUser/txtPass SQLインジェクション]
ポイント0

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!