Submeter #99613: File Tracker Manager System v1.0 /file_manager/login.php post parameter username exists SQL injection vulnerabilityinformação

TítuloFile Tracker Manager System v1.0 /file_manager/login.php post parameter username exists SQL injection vulnerability
DescriçãoAn issue was discovered in File Tracker Manager System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /file_manager/login.php post parameter username. Payload1: username=a'&password=b Payload2:username=a' and (select 1 from (select(sleep(20)))a)-- a&password=b
Fonte⚠️ https://github.com/godownio/bug_report/blob/main/vendors/hemedy99/File%20Tracker%20Manager%20System/SQLi-1.md
Utilizador
 godownio (UID 42581)
Submissão09/03/2023 07h02 (há 3 anos)
Moderação09/03/2023 15h39 (9 hours later)
EstadoAceite
Entrada VulDB222648 [SourceCodester File Tracker Manager System 1.0 POST Parameter /file_manager/login.php Nome de utilizador Injeção SQL]
Pontos19

VoltarVisão GeralPróximo

Do you want to use VulDB in your project?

Use the official API to access entries easily!