제출 #844846: CodeAstro Student Attendance Management System v1 SQL Injection정보

제목CodeAstro Student Attendance Management System v1 SQL Injection
설명A SQL injection vulnerability exists in CodeAstro Student Attendance Management System v1.0 in the /attendance-php/Admin/createSessionTerm.php file. The application does not properly validate, sanitize, or parameterize the sessionName POST parameter before using it in SQL queries. An attacker can supply crafted input through the sessionName parameter and alter the intended SQL query logic. This may allow unauthorized database access, disclosure of sensitive data, data modification, or service disruption, depending on the privileges assigned to the database user.
원천⚠️ https://github.com/freddymuch/Vul/issues/2
사용자
 freddymuch (UID 98644)
제출2026. 06. 01. PM 01:59 (1 월 ago)
모더레이션2026. 07. 03. PM 06:45 (1 month later)
상태중복
VulDB 항목319151 [Student Attendance Management System 1.0 createSessionTerm.php sessionName SQL 주입]
포인트들0

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!