| 제목 | Online Computer and Laptop Store SQL injection exists at the newly added category list |
|---|
| 설명 | This project is entitled Online Computer and Laptop Store. This web application was developed to provide an online platform for a certain computer store or business possible customers for exploring and ordering the products.Version number: v1.0
Source code online address:https://www.sourcecodester.com/php/16397/online-computer-and-laptop-store-using-php-and-mysql-source-code-free-download.html
In the backend of the system, there is a function for managing system categories, which is different from subcategory management and belongs to the parent class of subcategories. At the same time, the interfaces called in the code are also different. At this function point, the subcategories of the system can be managed and added. When adding, only simple verification and judgment were performed on the ID, without verifying user input content or pre compiling processing. There is also no filtering of user input content, and there is SQL injection. Malicious users can splice SQL statements to cause harm to the platform. |
|---|
| 원천 | ⚠️ https://github.com/boyi0508/Online-Computer-and-Laptop-Store/blob/main/SQL%20injection%20exists%20at%20the%20newly%20added%20category%20list.pdf |
|---|
| 사용자 | yanfei.chen (UID 39837) |
|---|
| 제출 | 2023. 04. 08. AM 06:25 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 04. 08. AM 08:31 (2 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 225346 [SourceCodester Online Computer and Laptop Store 1.0 Master.php?f=save_category 범주 SQL 주입] |
|---|
| 포인트들 | 20 |
|---|