| 제목 | GitHub advocate-office-management-system V 1.0 SQL Injection |
|---|
| 설명 | The id parameter under the control/activate_reg.php file of the advertisement office management system is controllable by the user. This parameter does not carry out any filtering. An attacker can execute malicious sql injection by constructing malicious sql statements, thus creating an sql injection vulnerability. Through this vulnerability, sensitive information can be obtained, or malicious files can be written, and finally server permissions can be obtained |
|---|
| 원천 | ⚠️ https://github.com/zhangbeihai-1/cve/issues/1 |
|---|
| 사용자 | dead_end (UID 96372) |
|---|
| 제출 | 2026. 03. 12. AM 11:03 (17 날 ago) |
|---|
| 모더레이션 | 2026. 03. 27. PM 05:07 (15 days later) |
|---|
| 상태 | 중복 |
|---|
| VulDB 항목 | 300585 [SourceCodester Kortex Lite Advocate Office Management System 1.0 activate_reg.php 아이디 SQL 주입] |
|---|
| 포인트들 | 0 |
|---|