| Название | jkev Personnel Record Management System V1.0 SQL Injection |
|---|
| Описание | The system fails to sanitize or filter user input during authentication, data querying, and data entry processes, resulting in multiple SQL injection vulnerabilities. Attackers can exploit these flaws to bypass authentication, take over arbitrary accounts, steal plaintext passwords, and gain unauthorized access to the administrator dashboard. Once inside, they can view and modify any stored information, leading to severe sensitive data disclosure and system compromise.
|
|---|
| Источник | ⚠️ https://github.com/whatyourname12345/CVE/blob/main/PRMS/cve_SQL.md |
|---|
| Пользователь | chenkh (UID 96588) |
|---|
| Представление | 20.03.2026 02:59 (18 дни назад) |
|---|
| Модерация | 04.04.2026 16:45 (16 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 355345 [SourceCodester/jkev Record Management System 1.0 Login index.php Имя пользователя SQL-инъекция] |
|---|
| Баллы | 20 |
|---|