| Title | Sourcecodester Contact Manager App has SQL injection vulnerability. |
|---|
| Description | SQL Injection is a code injection technique that attackers use to exploit vulnerabilities in a web application's database query. The attacker can inject malicious SQL statements into input fields for execution, which can lead to unauthorized viewing of data, data manipulation, and other destructive outcomes.
In the Sourcecodester Contact Manager App, attackers can exploit a SQL injection vulnerability to delete the entire contact table.
Please refer to the Exploit link for vulnerability proof. |
|---|
| Source | ⚠️ https://skypoc.wordpress.com/2023/09/05/vuln1/ |
|---|
| User | gikaku (UID 53862) |
|---|
| Submission | 09/06/2023 01:47 (3 years ago) |
|---|
| Moderation | 09/09/2023 10:16 (3 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 239357 [SourceCodester Contact Manager App 1.0 add.php contact/contactName sql injection] |
|---|
| Points | 20 |
|---|