Отправить #619313: code-projects Public Chat Room 1.0 SQL InjectionИнформация

Названиеcode-projects Public Chat Room 1.0 SQL Injection
ОписаниеThis vulnerability exists in the "login.php" file, where the "username" parameter submitted by the user is directly concatenated into a SQL query without proper escaping or parameterization. An attacker can craft malicious SQL statements and inject them via POST requests to bypass authentication, retrieve sensitive database information, or manipulate the database.
Источник⚠️ https://github.com/BalanceLee/CVE/issues/5
Пользователь balancelee (UID 87843)
Представление20.07.2025 16:00 (11 месяцы назад)
Модерация21.07.2025 11:25 (19 hours later)
Статуспринято
Запись VulDB317096 [code-projects Public Chat Room 1.0 /login.php Имя пользователя SQL-инъекция]
Баллы19

ПредыдущийОбзорДалее

Do you want to use VulDB in your project?

Use the official API to access entries easily!