| 제목 | code-projects Human Resource Integrated System 1.0 SQL Injection |
|---|
| 설명 | The id parameter in log_query.php is vulnerable to SQL injection due to improper input validation and the absence of parameterized queries. An attacker can exploit this weakness by injecting malicious SQL statements to manipulate database queries, which may lead to unauthorized access, data extraction, or modification of sensitive information. |
|---|
| 원천 | ⚠️ https://github.com/cooorgi/cve/blob/main/hris_sql_log_query.md |
|---|
| 사용자 | cooorgi (UID 80520) |
|---|
| 제출 | 2025. 08. 22. PM 08:11 (10 개월 ago) |
|---|
| 모더레이션 | 2025. 08. 30. PM 06:47 (8 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 322039 [code-projects Human Resource Integrated System 1.0 /log_query.php 아이디 SQL 주입] |
|---|
| 포인트들 | 19 |
|---|