| 제목 | code-projects Public Chat Room 1.0 SQL Injection |
|---|
| 설명 | This vulnerability exists in the "login.php" file, where the "username" parameter submitted by the user is directly concatenated into a SQL query without proper escaping or parameterization. An attacker can craft malicious SQL statements and inject them via POST requests to bypass authentication, retrieve sensitive database information, or manipulate the database. |
|---|
| 원천 | ⚠️ https://github.com/BalanceLee/CVE/issues/5 |
|---|
| 사용자 | balancelee (UID 87843) |
|---|
| 제출 | 2025. 07. 20. PM 04:00 (11 개월 ago) |
|---|
| 모더레이션 | 2025. 07. 21. AM 11:25 (19 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 317096 [code-projects Public Chat Room 1.0 /login.php 사용자 이름 SQL 주입] |
|---|
| 포인트들 | 19 |
|---|