Submit #775174: SourceCodester Sales and Inventory System 1.0 SQL Injection

Title: SourceCodester Sales and Inventory System 1.0 SQL Injection
Description: A SQL injection vulnerability exists in Inventory System version 1.0. The vulnerability occurs in the update_purchase.php file, where the sid HTTP GET parameter is not properly sanitized. This allows an authenticated attacker to inject arbitrary SQL commands.
Source: ⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/SQLi-UpdatePurchase-sid.md
User: Anonymous User
Submission: 08/03/2026 15:31 (29 days ago)
Moderation: 24/03/2026 16:12 (16 days later)
Status: Accepted
VulDB entry: 352799 [SourceCodester Sales and Inventory System 1.0 HTTP GET Parameter update_purchase.php sid SQL Injection]
Points: 18
