Отправить #580167: PHPGurukul CREDIT CARD Application Management System Using PHP and MySQL 1.0 SQL InjectionИнформация

НазваниеPHPGurukul CREDIT CARD Application Management System Using PHP and MySQL 1.0 SQL Injection
ОписаниеA Time-Based Blind SQL Injection vulnerability was discovered in the Credit Card Application Management System v1.0 by PHPGurukul. The issue affects the username parameter in the login endpoint (/ccams/admin/index.php). Using crafted payloads, an unauthenticated attacker can inject SQL commands and extract sensitive data such as admin credentials, email addresses, and phone numbers from the backend MySQL database (ccamsdb). The vulnerability allows complete compromise of the application’s authentication mechanism.
Источник⚠️ https://github.com/GIRISH05/Credit-card-application-management-system/blob/main/SQL-Injection.md
Пользователь
 girishbo (UID 85185)
Представление18.05.2025 12:24 (1 Год назад)
Модерация18.05.2025 17:34 (5 hours later)
Статуспринято
Запись VulDB309504 [PHPGurukul Credit Card Application Management System 1.0 /admin/index.php Имя пользователя SQL-инъекция]
Баллы20

Do you need the next level of professionalism?

Upgrade your account now!