| 제목 | code-projects Online Product Reservation system in PHP with source code V1.0 SQL Injection |
|---|
| 설명 | A critical SQL injection vulnerability exists in the shopping cart functionality. The application directly concatenates POST parameter and session variable into multiple SQL queries (SELECT, UPDATE, INSERT) without validation, allowing attackers to extract data and manipulate cart contents. |
|---|
| 원천 | ⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_left_cart.php.md |
|---|
| 사용자 | Ho Cherry (UID 94105) |
|---|
| 제출 | 2026. 01. 03. PM 12:20 (3 개월 ago) |
|---|
| 모더레이션 | 2026. 01. 04. AM 08:01 (20 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 339476 [code-projects Online Product Reservation System 1.0 left_cart.php 아이디 SQL 주입] |
|---|
| 포인트들 | 18 |
|---|