Submeter #731128: code-projects Online Product Reservation System V1.0 SQL Injectioninformação

Título	code-projects Online Product Reservation System V1.0 SQL Injection
Descrição	A critical SQL injection vulnerability exists in the shopping cart delete functionality. The application directly concatenates POST parameter into SQL DELETE query without validation, allowing attackers to extract database data and manipulate cart contents.
Fonte	⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_checkout_delete.php.md
Utilizador	Ho Cherry (UID 94105)
Submissão	03/01/2026 17h37 (há 4 meses)
Moderação	04/01/2026 19h06 (1 day later)
Estado	Aceite
Entrada VulDB	339500 [code-projects Online Product Reservation System 1.0 POST Parameter /app/checkout/delete.php ID Injeção SQL]
Pontos	18

Do you need the next level of professionalism?

Upgrade your account now!