Submit #471038: Codezips Blood Bank Management System In PHP With Source Code V1.0 SQL Injection

Title: Codezips Blood Bank Management System In PHP With Source Code V1.0 SQL Injection
Description: Root Cause Description: The /campaign.php script directly incorporates user input from the cname parameter into SQL queries without proper sanitization or validation. This oversight allows attackers to inject malicious SQL code, enabling unauthorized database manipulations. Impact: Unauthorized Database Access: Potential to read sensitive data. Data Leakage: Exposure of confidential information. Data Tampering: Ability to modify or delete records. System Control: Possibility of full system compromise. Service Interruption: Disruption of normal operations.
Source: https://github.com/isRainy/VULDB/blob/main/Blood_Bank_Management_System.md
User: 1905589289 (UID 79521)
Submission: 28/12/2024 11:54 (1 year ago)
Moderation: 28/12/2024 20:18 (8 hours later)
Status: Accepted
VulDB Entry: 289715 [Codezips Blood Bank Management System 1.0 /campaign.php cname SQL Injection]
Points: 20
