Submeter #640113: code-projects Human Resource Integrated System 1.0 SQL Injectioninformação

Títulocode-projects Human Resource Integrated System 1.0 SQL Injection
DescriçãoThe employee_id and date parameters in login_attendance2.php are not properly sanitized or parameterized, making them vulnerable to SQL injection. An attacker could exploit this vulnerability by injecting malicious SQL code to manipulate database queries. An attacker could leverage a time-based SQL injection method and a error-based SQL injection method.
Fonte⚠️ https://github.com/cooorgi/cve/blob/main/hris_sql_login_attendance2.md
Utilizador
 cooorgi (UID 80520)
Submissão22/08/2025 20h13 (há 10 meses)
Moderação30/08/2025 18h47 (8 days later)
EstadoAceite
Entrada VulDB322042 [code-projects Human Resource Integrated System 1.0 login_attendance2.php employee_id/date Injeção SQL]
Pontos19

VoltarVisão GeralPróximo

Want to know what is going to be exploited?

We predict KEV entries!