| Название | SourceCodester Inventory System 1.0 SQL Injection |
|---|
| Описание | A SQL injection vulnerability exists in SourceCodester Inventory System 1.0. The vulnerability is found in the search functionality of the file dashboard.php. The manipulation of the POST parameter 'searchtxt' leads to boolean-based or time-based blind SQL injection. An authenticated attacker can exploit this to infer and exfiltrate database content. |
|---|
| Источник | ⚠️ https://github.com/meifukun/Web-Security-PoCs/blob/main/Inventory-System/SQLi-Dashboard-searchtxt.md |
|---|
| Пользователь | Anonymous User |
|---|
| Представление | 26.02.2026 07:21 (1 месяц назад) |
|---|
| Модерация | 08.03.2026 08:24 (10 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 349758 [SourceCodester Sales and Inventory System 1.0 Search dashboard.php searchtxt SQL-инъекция] |
|---|
| Баллы | 19 |
|---|