Submeter #651941: github.com Course Selection System V1.0 SQL Injectioninformação

Títulogithub.com Course Selection System V1.0 SQL Injection
DescriçãoDuring the security review of "Course Selection System",I discovered a critical SQL injection vulnerability in the "/Profilers/SProfile/reg.php " file. This vulnerability stems from insufficient user input validation of the 'csem' parameter, allowing attackers to inject malicious SQL queries. Therefore, attackers can gain unauthorized access to databases, modify or delete data, and access sensitive information. Immediate remedial measures are needed to ensure system security and protect data integrity.
Fonte⚠️ https://github.com/qi-wm/cve/issues/1
Utilizador
 qihao (UID 90042)
Submissão10/09/2025 12h27 (há 9 meses)
Moderação18/09/2025 07h24 (8 days later)
EstadoAceite
Entrada VulDB324786 [kidaze CourseSelectionSystem até 42cd892b40a18d50bd4ed1905fa89f939173a464 COUNT3s3.php csem Injeção SQL]
Pontos20

VoltarVisão GeralPróximo

Want to know what is going to be exploited?

We predict KEV entries!