| Название | code-projects NEWS-BUZZ (News Management System) 1.0 SQL Injection |
|---|
| Описание | There is a time-based SQL injection vulnerability in the login part of the index.php file. It allows an attacker to manipulate the SQL query and potentially perform unauthorized actions on the database. Additionally, with the malicious code, the program slows down for a period of time set in the function. |
|---|
| Источник | ⚠️ https://github.com/EmilGallajov/zero-day/blob/main/content_management_system_sqli.md |
|---|
| Пользователь | egsec (UID 77043) |
|---|
| Представление | 02.11.2024 23:17 (1 Год назад) |
|---|
| Модерация | 03.11.2024 08:30 (9 hours later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 282927 [code-projects/anirbandutta9 Content Management System/News-Buzz 1.0 /index.php user_name SQL-инъекция] |
|---|
| Баллы | 17 |
|---|