| 제목 | code-projects Pharmacy Management System 1.0 SQL Injection |
|---|
| 설명 | A critical SQL injection vulnerability was identified in the Pharmacy Management System version 1.0, specifically in the Manage Supplier search functionality. This flaw occurs through the text parameter sent via a GET request to the endpoint /php/manage_supplier.php?action=search&text=a. Attackers can manipulate this parameter to execute arbitrary SQL commands, compromising the database's security and integrity. |
|---|
| 원천 | ⚠️ https://gist.github.com/higordiego/2bd0a94e480906a60ce83b8a4ec26957 |
|---|
| 사용자 | c4ttr4ck (UID 75518) |
|---|
| 제출 | 2024. 10. 15. PM 11:27 (2 연령 ago) |
|---|
| 모더레이션 | 2024. 10. 16. AM 08:05 (9 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 280557 [code-projects Pharmacy Management System 1.0 manage_supplier.php?action=search text SQL 주입] |
|---|
| 포인트들 | 20 |
|---|