| 제목 | BP Monitoring Management System v1.0 Password Recovery SQL Injection |
|---|
| 설명 | A vulnerability classified as severe has been discovered in BP Monitoring Management System v1.0. The vulnerability appears in the password recovery. php file to retrieve user passwords. Operations on parameters contactno, emailid, and newpassword can all cause SQL injection, which can control SQL queries and lead to database information leakage. This will pose a serious threat to system security and sensitive data within the system. Even disrupted the normal use of the system! |
|---|
| 원천 | ⚠️ https://github.com/vsdwef/BP-Monitoring-Management-System/blob/main/password-recovery.php_SQL_English.pdf |
|---|
| 사용자 | dbapp.jy (UID 44542) |
|---|
| 제출 | 2023. 04. 08. AM 05:55 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 04. 08. AM 08:12 (2 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 225337 [PHPGurukul BP Monitoring Management System 1.0 Password Recovery password-recovery.php emailid/contactno SQL 주입] |
|---|
| 포인트들 | 20 |
|---|