Submit #333415: Campcodes Online Examination System With Timer 1.0 SQL Injectioninfo

TitleCampcodes Online Examination System With Timer 1.0 SQL Injection
DescriptionA vulnerability was found in Campcodes Online Examination System With Timer, impacting the page updateQuestion.php. The value of user input (id parameter) is directly concatenated into an SQL query without undergoing any form of filtering or utilizing prepared statements, causing the application vulnerable to SQL injection attack
Source⚠️ https://github.com/yylmm/CVE/blob/main/Online%20Examination%20System%20With%20Timer/SQL_updateQuestion.md
User
 yylm (UID 67976)
Submission05/13/2024 16:14 (2 years ago)
Moderation05/15/2024 13:23 (2 days later)
StatusAccepted
VulDB entry264453 [Campcodes Online Examination System 1.0 updateQuestion.php ID sql injection]
Points18

PreviousOverviewNext

Do you know our Splunk app?

Download it now for free!