| 제목 | MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 SQL Injection |
|---|
| 설명 | The Online College Event Hall Reservation System is vulnerable to SQL Injection in its /admin/receipt.php script through the room_id parameter. This vulnerability allows attackers to execute arbitrary SQL commands, as demonstrated by the injection that retrieves the database version. This issue highlights the need for secure coding practices, including the use of parameterized queries or prepared statements, to prevent SQL Injection and protect the application's data integrity. |
|---|
| 원천 | ⚠️ https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/SQL%20Injection%20-%20receipt.php.md |
|---|
| 사용자 | nochizplz (UID 64302) |
|---|
| 제출 | 2024. 03. 06. PM 04:59 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 03. 15. PM 05:29 (9 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 256961 [MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 /admin/receipt.php room_id SQL 주입] |
|---|
| 포인트들 | 20 |
|---|