| Название | Campcodes Online Examination System With Timer 1.0 SQL Injection |
|---|
| Описание | A vulnerability was found in Campcodes Online Examination System With Timer, impacting the page updateQuestion.php. The value of user input (id parameter) is directly concatenated into an SQL query without undergoing any form of filtering or utilizing prepared statements, causing the application vulnerable to SQL injection attack |
|---|
| Источник | ⚠️ https://github.com/yylmm/CVE/blob/main/Online%20Examination%20System%20With%20Timer/SQL_updateQuestion.md |
|---|
| Пользователь | yylm (UID 67976) |
|---|
| Представление | 13.05.2024 16:14 (2 лет назад) |
|---|
| Модерация | 15.05.2024 13:23 (2 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 264453 [Campcodes Online Examination System 1.0 updateQuestion.php ИД SQL-инъекция] |
|---|
| Баллы | 18 |
|---|