Submeter #473410: code-projects Student Management System 1.0 SQL Injectioninformação

Título	code-projects Student Management System 1.0 SQL Injection
Descrição	The SQL Injection vulnerability exists in diretory `/config/DbFunction.php` where this function query the subject `$sid` parameter into the SQL statement without any restriction, validation or sanitization. An attacker could exploit this vulnerability to get Remote Code Execution (RCE).
Fonte	⚠️ https://gist.github.com/th4s1s/e8488d7e35d789581979f3b7e4c48b1f
Utilizador	lio346 (UID 79690)
Submissão	02/01/2025 11h19 (há 1 Ano)
Moderação	03/01/2025 13h27 (1 day later)
Estado	Aceite
Entrada VulDB	290140 [code-projects Student Management System 1.0 /config/DbFunction.php showSubject1 sid Injeção SQL]
Pontos	17

Might our Artificial Intelligence support you?

Check our Alexa App!