| 제목 | SQL injection vulnerability exists in Hostel searching project |
|---|
| 설명 | After the environment is built,Go to view-property.php,We can see the parameter property following the url_ ID is controllable。property_ ID is assigned to $property_ The ID variable is then brought into the database for query, and the query result is returned. During this process, the property_ The ID is brought into the database without being filtered, thus creating a SQL injection vulnerability |
|---|
| 원천 | ⚠️ https://github.com/itzmehedi/Hostel-searching-project-using-PHP-Mysql/issues/1 |
|---|
| 사용자 | ace. (UID 34853) |
|---|
| 제출 | 2022. 11. 17. AM 06:54 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 11. 17. PM 04:07 (9 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 213844 [Hostel Searching Project view-property.php property_id SQL 주입] |
|---|
| 포인트들 | 20 |
|---|