Submeter #775172: SourceCodester Sales and Inventory System 1.0 SQL Injectioninformação

TítuloSourceCodester Sales and Inventory System 1.0 SQL Injection
DescriçãoA SQL injection vulnerability exists in Inventory System version 1.0. The vulnerability occurs in the update_customer_details.php file, where the sid HTTP GET parameter is not properly sanitized. This allows an authenticated attacker to inject arbitrary SQL commands.
Fonte⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/SQLi-UpdateCustomerDetails-sid.md
Utilizador
 Anonymous User
Submissão08/03/2026 15h30 (há 29 dias)
Moderação24/03/2026 16h11 (16 days later)
EstadoAceite
Entrada VulDB352797 [SourceCodester Sales and Inventory System 1.0 HTTP GET Parameter update_customer_details.php sid Injeção SQL]
Pontos18

VoltarVisão GeralPróximo

Do you need the next level of professionalism?

Upgrade your account now!