| Название | code-projects Human Resource Integrated System 1.0 SQL Injection |
|---|
| Описание | The id parameter in log_query.php is vulnerable to SQL injection due to improper input validation and the absence of parameterized queries. An attacker can exploit this weakness by injecting malicious SQL statements to manipulate database queries, which may lead to unauthorized access, data extraction, or modification of sensitive information. |
|---|
| Источник | ⚠️ https://github.com/cooorgi/cve/blob/main/hris_sql_log_query.md |
|---|
| Пользователь | cooorgi (UID 80520) |
|---|
| Представление | 22.08.2025 20:11 (10 месяцы назад) |
|---|
| Модерация | 30.08.2025 18:47 (8 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 322039 [code-projects Human Resource Integrated System 1.0 /log_query.php ИД SQL-инъекция] |
|---|
| Баллы | 19 |
|---|