| 제목 | SourceCodester Online Mobile Management Store 1.0 Unauthenticated SQL Injection |
|---|
| 설명 | The code in 'view_order.php' directly uses the $_GET['id'] parameter in the SQL query without proper sanitization or validation. An attacker could manipulate the id parameter in the URL to inject malicious SQL code, potentially leading to unauthorized access or data manipulation. |
|---|
| 원천 | ⚠️ https://github.com/vanitashtml/CVE-Dumps/blob/main/Unauthenticated%20SQL%20Injection%20-%20Mobile%20Management%20Store.md |
|---|
| 사용자 | rjavenido22 (UID 64261) |
|---|
| 제출 | 2024. 03. 03. AM 05:47 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 03. 03. PM 05:01 (11 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 255586 [SourceCodester Online Mobile Management Store 1.0 view_product.php 아이디 SQL 주입] |
|---|
| 포인트들 | 18 |
|---|