| 제목 | SourceCodester Inventory Management System 1.0 has a SQL injection vulnerability in staff_data.php Software |
|---|
| 설명 | SourceCodester Inventory Management System 1.0 has a SQL injection vulnerability in staff_data.php
Software
Software: Inventory Management System 1.0
Software Link: https://www.sourcecodester.com/php/16741/free-and-open-source-inventory-management-system-php-source-code.html
Vulnerability Type: SQLi
Attack Type: Remote
Vendor of Product: Sourcecodester
Description
A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as critical. SourceCodester Inventory Management System 1.0 has a SQL injection vulnerability in staff_data.php. The manipulation of the argument columns%5B0%5D%5Bdata%5D leads to SQLi. Remote attackers can leverage this to affect any other users that visit that portion of the application.
https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/Inventory%20Management%20System%20SQLi%20staff_data.md |
|---|
| 원천 | ⚠️ https://github.com/TheCyberDiver/Public-Disclosures-CVE-/blob/main/Inventory%20Management%20System%20SQLi%20staff_data.md |
|---|
| 사용자 | error404unknown (UID 53361) |
|---|
| 제출 | 2023. 08. 27. AM 05:32 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 08. 27. AM 08:07 (3 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 238159 [SourceCodester Inventory Management System 1.0 staff_data.php columns[0][data] SQL 주입] |
|---|
| 포인트들 | 20 |
|---|