Submeter #731129: code-projects Online Product Reservation System V1.0 SQL Injectioninformação

Títulocode-projects Online Product Reservation System V1.0 SQL Injection
DescriçãoA critical SQL injection vulnerability exists in the shopping cart update functionality. The application directly concatenates POST parameters into SQL UPDATE and SELECT queries without validation, allowing attackers to extract cart and product data.
Fonte⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_checkout_update.php.md
Utilizador
 Ho Cherry (UID 94105)
Submissão03/01/2026 17h39 (há 4 meses)
Moderação04/01/2026 19h06 (1 day later)
EstadoAceite
Entrada VulDB339501 [code-projects Online Product Reservation System 1.0 Cart Update /app/checkout/update.php id/qty Injeção SQL]
Pontos17

VoltarVisão GeralPróximo

Interested in the pricing of exploits?

See the underground prices here!