Submeter #471112: code-projects Chat System 1.0.0.00 SQL Injectioninformação

Títulocode-projects Chat System 1.0.0.00 SQL Injection
DescriçãoIn the file 'update_user.php' located at /admin/update_user.php, there is a possibility of performing SQL injection on the 'name and id' parameter. This allows attackers to inject malicious SQL code into the query. For example, if the name and id parameter is set to: error-based: script=1' AND 4381=(SELECT (CASE WHEN (4381=4381) THEN 4381 ELSE (SELECT 6122 UNION SELECT 5924) END))-- -
Fonte⚠️ https://code-projects.org/chat-system-using-php-source-code/
Utilizador
 Havook (UID 71104)
Submissão28/12/2024 16h18 (há 2 anos)
Moderação29/12/2024 16h38 (1 day later)
EstadoAceite
Entrada VulDB289768 [code-projects Chat System 1.0 /admin/update_user.php ID Injeção SQL]
Pontos20

Do you want to use VulDB in your project?

Use the official API to access entries easily!