| 제목 | jkev Personnel Record Management System V1.0 SQL Injection |
|---|
| 설명 | The system fails to sanitize or filter user input during authentication, data querying, and data entry processes, resulting in multiple SQL injection vulnerabilities. Attackers can exploit these flaws to bypass authentication, take over arbitrary accounts, steal plaintext passwords, and gain unauthorized access to the administrator dashboard. Once inside, they can view and modify any stored information, leading to severe sensitive data disclosure and system compromise.
|
|---|
| 원천 | ⚠️ https://github.com/whatyourname12345/CVE/blob/main/PRMS/cve_SQL.md |
|---|
| 사용자 | chenkh (UID 96588) |
|---|
| 제출 | 2026. 03. 20. AM 02:59 (17 날 ago) |
|---|
| 모더레이션 | 2026. 04. 04. PM 04:45 (16 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 355345 [SourceCodester/jkev Record Management System 1.0 Login index.php 사용자 이름 SQL 주입] |
|---|
| 포인트들 | 20 |
|---|