Submit #286682: Project Worlds File Management System unknown SQL Injection via Admin Login Forminfo

TitleProject Worlds File Management System unknown SQL Injection via Admin Login Form
Description### **Vendor and Product Information:** - **Vendor:** Project Worlds - **Product:** **File Management System** - **Product URL:** **[File Management System](https://www.sourcecodester.com/php/13333/file-management-system-very-complete-using-phpmysqli.html)** ### **Severity: High** ### **Confidence: Confirmed** ### **Description:** The admin login form of the Complaint Management System application is vulnerable to SQL injection. An attacker can exploit this vulnerability to bypass authentication and gain unauthorized access to the admin panel.
Source⚠️ https://toradah.notion.site/SQL-Injection-via-Admin-Login-Form-7372893848cb4bb996ae2c9effb0266a?pvs=25
User
 torada (UID 61170)
Submission02/23/2024 10:45 (2 years ago)
Moderation02/23/2024 11:54 (1 hour later)
StatusAccepted
VulDB entry254623 [SourceCodester Complete File Management System 1.0 Admin Login Form /admin/ Username sql injection]
Points17

PreviousOverviewNext

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!