| Título | code-projects Easy Blog Site V1.0 SQL Injection |
|---|
| Descrição | This code is used to query whether the current account exists in the database. At the same time, the username and password have not been filtered in any way, nor have they been normalized through function conversion, which allows any password to successfully log in to the account. For example: set username=admin' -- q The password can be filled in at will, and you can log in to the user |
|---|
| Fonte | ⚠️ https://github.com/MyMySSS/cve/blob/main/cve.md |
|---|
| Utilizador | MyMy (UID 96642) |
|---|
| Submissão | 23/03/2026 13h49 (há 25 dias) |
|---|
| Moderação | 05/04/2026 22h41 (13 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 355434 [code-projects Easy Blog Site 1.0 login.php username/password Injeção SQL] |
|---|
| Pontos | 20 |
|---|