| Название | code-projects online-student-management-system v1.0 Authentication Bypass Issues |
|---|
| Описание | A severe SQL injection vulnerability has been identified in the system authentication module. This vulnerability resides in the studAuthentication static method of the ~/include/students.php file. Due to the unsafe dynamic string concatenation employed by the program in constructing database queries, an attacker can bypass password verification logic by crafting a malicious username. |
|---|
| Источник | ⚠️ https://github.com/wan1yan/cve/issues/5 |
|---|
| Пользователь | wanyan (UID 95221) |
|---|
| Представление | 09.02.2026 13:09 (3 месяцы назад) |
|---|
| Модерация | 20.02.2026 15:43 (11 days later) |
|---|
| Статус | Дубликат |
|---|
| Запись VulDB | 344872 [code-projects Online Student Management System 1.0 Login accounts.php username/password SQL-инъекция] |
|---|
| Баллы | 0 |
|---|