| Название | Online Graduate Tracer System sexit.php sql injection |
|---|
| Описание | Online Graduate Tracer System sexit.php sql injection
url:tracking/admin/sexit.php
Abstract:
Line 142 of sexit.php invokes a SQL query built using unvalidated input. This call could allow an attacker to modify the statement’s meaning or to execute arbitrary SQL commands.
Explanation:
SQL injection errors occur when:
Data enters a program from an untrusted source.
The data is used to dynamically construct a SQL query.
In this case the data is passed to mysqli_query() in sexit.php at line 142.
Download Code:
https://www.sourcecodester.com/php/15904/online-graduate-tracer-system-college-ict-alumni.html |
|---|
| Источник | ⚠️ https://blog.csdn.net/weixin_43864034/article/details/132508000 |
|---|
| Пользователь | trutle965 (UID 53355) |
|---|
| Представление | 26.08.2023 03:41 (3 лет назад) |
|---|
| Модерация | 26.08.2023 17:53 (14 hours later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 238154 [SourceCodester Online Graduate Tracer System 1.0 sexit.php mysqli_query ИД SQL-инъекция] |
|---|
| Баллы | 20 |
|---|