제출 #846744: code-projects Online Job Portal 1.0 SQL Injection정보

제목code-projects Online Job Portal 1.0 SQL Injection
설명An unauthenticated SQL injection vulnerability exists in login.php of the Online Job Portal System 1.0. The application fails to properly sanitize user-supplied input for the txtUser and txtPass parameters before concatenating them into SQL queries. An unauthenticated remote attacker can exploit this flaw by injecting specially crafted SQL payloads, leading to authentication bypass, unauthorized access to the administrative panel, and full database disclosure, including administrator credentials and sensitive PII from job seekers and employers.
원천⚠️ https://github.com/aiyuyuyu/cve/blob/main/job_portal_sql.md
사용자
 yuyuyu (UID 97935)
제출2026. 06. 03. AM 08:38 (1 월 ago)
모더레이션2026. 07. 03. PM 08:53 (1 month later)
상태수락
VulDB 항목376174 [code-projects Online Job Portal 1.0 login.php txtUser/txtPass SQL 주입]
포인트들20

Interested in the pricing of exploits?

See the underground prices here!