Submeter #855975: code-projects Online Job Portal System 1.0 SQL Injectioninformação

Títulocode-projects Online Job Portal System 1.0 SQL Injection
DescriçãoDuring a security review of "Online Job Portal System", a critical SQL injection vulnerability was discovered in the /login.php file. This vulnerability stems from insufficient user input validation of the txtUser and txtPass POST parameters, allowing attackers to inject malicious SQL queries into the authentication logic. The attacker can log into any account type (Administrator, Employer, JobSeeker) without valid credentials by appending SQL injection payloads to the login form.
Fonte⚠️ https://github.com/shihuizhang-dazhi/MY-CVE/issues/5
Utilizador
 dazhi (UID 87857)
Submissão11/06/2026 12h52 (há 1 mês)
Moderação13/07/2026 23h19 (1 month later)
EstadoDuplicado
Entrada VulDB376174 [code-projects Online Job Portal 1.0 login.php txtUser/txtPass Injeção SQL]
Pontos0

Do you want to use VulDB in your project?

Use the official API to access entries easily!