Submit #309091: Sourcecodester Computer Laboratory Management System v1.0 SQL injectioninfo

TitleSourcecodester Computer Laboratory Management System v1.0 SQL injection
DescriptionAn SQL Injection vulnerability has been identified in the /view_borrow function via the id parameter of Sourcecodester Computer Laboratory Management System affecting version 1.0 The vulnerability arises due to insufficient input validation and sanitation of user-supplied data in the /view_borrow function. An attacker can exploit this vulnerability to execute arbitrary SQL commands in the application's backend database, leading to unauthorized access, data exfiltration, or database corruption.
Source⚠️ https://github.com/0xAlmighty/Vulnerability-Research/blob/main/SourceCodester/CLMS/SourceCodester-CLMS-SQLi.md
User
 almightysec (UID 67229)
Submission04/02/2024 23:02 (2 years ago)
Moderation04/03/2024 07:05 (8 hours later)
StatusAccepted
VulDB entry259100 [SourceCodester Computer Laboratory Management System 1.0 view_borrow ID sql injection]
Points20

PreviousOverviewNext

Want to know what is going to be exploited?

We predict KEV entries!