Submeter #484185: code-projects.org Fantasy-Cricket V1.0 sqlinformação

Titlecode-projects.org Fantasy-Cricket V1.0 sql
DescriptionDuring the security review of the PHP "Fantasy-Cricket", discovered a critical SQL injection vulnerability in the "update.php" file. This vulnerability stems from insufficient user input validation of the "uname" parameter, allowing attackers to inject malicious SQL queries. Therefore, attackers can gain unauthorized access to databases, modify or delete data, and access sensitive information. Immediate remedial measures are needed to ensure system security and protect data integrity.
Source⚠️ https://github.com/LiuSir5211314/-sir/issues/2
User
 liu_my (UID 80323)
Submission17/01/2025 04h21 (há 4 meses)
Moderation18/01/2025 08h41 (1 day later)
StatusAceite
VulDB Entry292524 [code-projects Fantasy-Cricket 1.0 /dash/update.php uname Injecção SQL]
Points20

VoltarVisão GeralPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!