제출 #580167: PHPGurukul CREDIT CARD Application Management System Using PHP and MySQL 1.0 SQL Injection정보

제목PHPGurukul CREDIT CARD Application Management System Using PHP and MySQL 1.0 SQL Injection
설명A Time-Based Blind SQL Injection vulnerability was discovered in the Credit Card Application Management System v1.0 by PHPGurukul. The issue affects the username parameter in the login endpoint (/ccams/admin/index.php). Using crafted payloads, an unauthenticated attacker can inject SQL commands and extract sensitive data such as admin credentials, email addresses, and phone numbers from the backend MySQL database (ccamsdb). The vulnerability allows complete compromise of the application’s authentication mechanism.
원천⚠️ https://github.com/GIRISH05/Credit-card-application-management-system/blob/main/SQL-Injection.md
사용자
 girishbo (UID 85185)
제출2025. 05. 18. PM 12:24 (1 년도 ago)
모더레이션2025. 05. 18. PM 05:34 (5 hours later)
상태수락
VulDB 항목309504 [PHPGurukul Credit Card Application Management System 1.0 /admin/index.php 사용자 이름 SQL 주입]
포인트들20

Interested in the pricing of exploits?

See the underground prices here!