| 제목 | SourceCodester Resort Reservation System 1.0 has a SQL Injection vulnerability in manage_user.php |
|---|
| 설명 | SourceCodester Resort Reservation System 1.0 has a SQL Injection vulnerability in manage_user.php. Affected is file manage_user.php, the manipulation of the argument id leads to SQL injection after users logged in.When the boolean value is true, the keyword "Update User Details" will appear on the page. Based on this feedback, a remote attacker can exploit SQL boolean-based blind injection to retrieve all data from the database. |
|---|
| 원천 | ⚠️ https://github.com/Yesec/Resort-Reservation-System/blob/main/SQL%20Injection%20in%20manage_user.php/vuln.md |
|---|
| 사용자 | YeSec (UID 50956) |
|---|
| 제출 | 2023. 08. 06. AM 10:17 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 08. 06. PM 03:49 (6 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 236235 [SourceCodester Resort Reservation System 1.0 manage_user.php 아이디 SQL 주입] |
|---|
| 포인트들 | 20 |
|---|