Submit #290939: https://www.sourcecodester.com/users/tips23 Web PHP 1 SQL Injectioninfo

Titlehttps://www.sourcecodester.com/users/tips23 Web PHP 1 SQL Injection
DescriptionExploit Title: Simple Online Bidding System SQL Injection Date: 4/08/2023 Exploit Author: y3thu Vendor Homepage: https://www.sourcecodester.com/users/tips23 Software Link: https://www.sourcecodester.com/php/14558/simple-online-bidding-system-using-phpmysqli-source-code.html Attack Vector: WEB, Network Testeted on: Kali Linux Description: The SQL injection vulnerability in an online bidding system allows attackers to inject malicious SQL code through input fields, compromising the system's database. This enables unauthorized access to sensitive data, manipulation of bids, and potential denial-of-service attacks. Mitigation involves strict input validation, parameterized queries, database access controls, security testing, and user education to prevent exploitation and ensure system integrity.
Source⚠️ https://github.com/yethu123/vulns-finding/blob/main/Simple%20Online%20Bidding%20System.md
User
 y3thu (UID 52000)
Submission02/29/2024 19:01 (2 years ago)
Moderation03/01/2024 08:45 (14 hours later)
StatusAccepted
VulDB entry255393 [SourceCodester Simple Online Bidding System 1.0 index.php category_id sql injection]
Points20

PreviousOverviewNext

Do you want to use VulDB in your project?

Use the official API to access entries easily!