제출 #268619: Project Worlds timetable unknown SQL injection at course_ajax.php정보

제목Project Worlds timetable unknown SQL injection at course_ajax.php
설명Product link : https://projectworlds.in/online-time-table-generator-php-mysql/ ## Vulnerability Overview: A SQL injection vulnerability has been identified in the `course_ajax.php` script due to improper handling of user input. The vulnerability is associated with the `id` parameter, which is directly incorporated into a SQL query without proper validation and sanitization. https://localhost/course_ajax.php?id=1%27%20OR%20%271%27=%271
원천⚠️ https://torada.notion.site/SQL-injection-at-course_ajax-php-485d8cca5f8c43dfb1f76c7336a4a45e
사용자
 torada (UID 61170)
제출2024. 01. 16. PM 05:44 (2 연령 ago)
모더레이션2024. 01. 19. PM 12:09 (3 days later)
상태수락
VulDB 항목251553 [Project Worlds Online Time Table Generator 1.0 course_ajax.php 아이디 SQL 주입]
포인트들17

이전개요다음

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!