| Title | SOURCECODESTER house rental management system 1.0 sql injection |
|---|
| Description | Multiple SQL injection affecting house rental management system. vulnerabilities can be exploited by an attacker to perform SQL injection attacks and execute Remote Code Execution on the server.
By manipulating the parameters "id", "name" and "username" an attacker can inject malicious SQL queries into the backend database. This could potentially lead to unauthorized access to sensitive information, modification of database records, and in some cases, the execution of remote code on the server. |
|---|
| Source | ⚠️ https://drive.google.com/file/d/1DGb371-evTgstf42t3u2dOM4KBEt5mPw/view?usp=sharing |
|---|
| User | Strik3r (UID 61057) |
|---|
| Submission | 01/11/2024 14:40 (2 years ago) |
|---|
| Moderation | 01/12/2024 13:49 (23 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 250610 [SourceCodester House Rental Management System 1.0 Edit User manage_user.php id/name/username sql injection] |
|---|
| Points | 20 |
|---|