Submeter #632036: phpgurukul Employee Record Management System 1.3 SQL Injectioninformação

Títulophpgurukul Employee Record Management System 1.3 SQL Injection
DescriçãoAn authenticated SQL injection vulnerability exists in the Employee Record Management System (ERMS) within admin/adminprofile.php. The AdminName parameter is directly concatenated into an SQL query without input sanitization or prepared statements. An authenticated attacker can exploit this to execute arbitrary SQL commands, potentially extracting or modifying database contents.
Fonte⚠️ https://github.com/cryptokhush/Employee-Record-Management-System/blob/main/README.md
Utilizador
 devcypher (UID 88930)
Submissão11/08/2025 18h51 (há 10 meses)
Moderação16/08/2025 08h01 (5 days later)
EstadoDuplicado
Entrada VulDB311581 [PHPGurukul Employee Record Management System 1.3 /admin/adminprofile.php AdminName Injeção SQL]
Pontos0

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!