Submeter #673773: code-projects Client Details System V1.0 SQL Injectioninformação

Títulocode-projects Client Details System V1.0 SQL Injection
DescriçãoA critical SQL Injection vulnerability exists in clientdetails/welcome.php via the ID GET parameter. The application embeds ID unescaped into backend SQL, enabling attackers to alter query logic and inject additional statements. Because input is not sanitized and prepared statements are not used, the endpoint is susceptible to multiple exploitation techniques.
Fonte⚠️ https://github.com/hellonewbie/tutorial/issues/6
Utilizador
 ZengY (UID 91559)
Submissão12/10/2025 11h02 (há 8 meses)
Moderação26/10/2025 05h59 (14 days later)
EstadoAceite
Entrada VulDB329914 [code-projects Client Details System 1.0 GET Parameter welcome.php ID Injeção SQL]
Pontos19

VoltarVisão GeralPróximo

Do you know our Splunk app?

Download it now for free!