Submeter #388769: SourceCodester Sourcecodester Car Driving School Management System 1.0 SQL injectioninformação

TítuloSourceCodester Sourcecodester Car Driving School Management System 1.0 SQL injection
DescriçãoAfter receiving the id parameter passed in through the get method in the manage_package.php file, it is directly spliced into the SQL query statement for execution without any security filtering. An attacker can use this parameter to perform SQL injection to read arbitrary database information.
Fonte⚠️ https://github.com/BFS-Lab/BFSDV/blob/main/Sourcecodester%20Online%20Catering%20Reservation%20System%20SQL%20Injection-3.md
Utilizador
 BFS-Lab (UID 73306)
Submissão10/08/2024 06h24 (há 2 anos)
Moderação10/08/2024 10h19 (4 hours later)
EstadoAceite
Entrada VulDB274123 [SourceCodester Car Driving School Management System 1.0 manage_package.php ID Injeção SQL]
Pontos18

VoltarVisão GeralPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!