| Título | SourceCodester Simple E-learning System 1.0 SQL Injection |
|---|
| Descrição | A SQL injection vulnerability exists in Simple E-learning System version 1.0. The vulnerability occurs in the user profile update component, where the firstName HTTP POST parameter is not properly sanitized. This allows an authenticated attacker to inject arbitrary SQL commands. |
|---|
| Fonte | ⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Simple-E-learning-System/SQLi-UserProfile-firstName.md |
|---|
| Utilizador | 563742137abc (UID 95813) |
|---|
| Submissão | 08/03/2026 15h47 (há 3 meses) |
|---|
| Moderação | 22/03/2026 09h48 (14 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 352411 [SourceCodester Simple E-learning System 1.0 User Profile Update firstName Injeção SQL] |
|---|
| Pontos | 18 |
|---|