| 제목 | code-projects Online Product Reservation system V1.0 SQL Injection |
|---|
| 설명 | A critical SQL injection vulnerability exists in the order viewing functionality. The application directly concatenates GET parameter into SQL query without validation, allowing attackers to extract order information and sensitive customer data. |
|---|
| 원천 | ⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_order_view.php.md |
|---|
| 사용자 | Ho Cherry (UID 94105) |
|---|
| 제출 | 2026. 01. 03. PM 12:23 (3 개월 ago) |
|---|
| 모더레이션 | 2026. 01. 04. AM 08:01 (20 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 339477 [code-projects Online Product Reservation System 1.0 GET Parameter /order_view.php transaction_id SQL 주입] |
|---|
| 포인트들 | 17 |
|---|