Submeter #423448: code-projects Pharmacy Management 1.0 SQL Injectioninformação

Títulocode-projects Pharmacy Management 1.0 SQL Injection
DescriçãoA critical SQL injection vulnerability was identified in the Pharmacy Management System version 1.0. The issue can be exploited through the text parameter sent via a GET request to the endpoint /php/manage_customer.php?action=search&text=a. Attackers can manipulate this parameter to execute arbitrary SQL commands, allowing unauthorized access and compromising the security of the database. Exploiting this vulnerability can expose sensitive information and disrupt system operations. Since no patch is currently available, this flaw remains critical and demands immediate attention.
Fonte⚠️ https://gist.github.com/higordiego/b57040961b993cb5f1bfe0005f6b57be
Utilizador
 c4ttr4ck (UID 75518)
Submissão14/10/2024 15h38 (há 2 anos)
Moderação15/10/2024 07h21 (16 hours later)
EstadoAceite
Entrada VulDB280341 [code-projects Pharmacy Management System 1.0 manage_customer.php?action=search text Injeção SQL]
Pontos20

VoltarVisão GeralPróximo

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!