| Título | CodeAstro Online Job Portal Project in PHP MySQL 1.0 SQL Injection |
|---|
| Descrição | A SQL injection vulnerability was identified in CodeAstro Online Job Portal Project in PHP MySQL 1.0.
The application uses the id parameter directly in the SQL query without proper sanitization or parameter binding. This allows an authenticated administrator to inject malicious input and manipulate the query logic.
By exploiting this issue, an attacker can delete all job records from the database instead of a single intended entry. |
|---|
| Fonte | ⚠️ https://github.com/Xmyronn/CodeAstro-Online-Job-Portal-SQLi-Delete-All.git |
|---|
| Utilizador | imad alvi (UID 97088) |
|---|
| Submissão | 06/04/2026 18h06 (há 21 dias) |
|---|
| Moderação | 25/04/2026 16h18 (19 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 359608 [CodeAstro Online Job Portal 1.0 All Jobs Page delete-jobs.php ID Injeção SQL] |
|---|
| Pontos | 20 |
|---|