Submit #343431: SourceCodester Best House Rental Management System 1.0 SQL Injectioninfo

TitleSourceCodester Best House Rental Management System 1.0 SQL Injection
DescriptionAfter receiving the id parameter passed in through the get method in the manage_tenant.php file, it is directly spliced into the SQL query statement for execution without any security filtering. An attacker can use this parameter to perform SQL injection to read arbitrary database information.
Source⚠️ https://github.com/rockersiyuan/CVE/blob/main/SourceCodester_House_Rental_Management_System_Sql_Inject-2.md
User
 rocker (UID 62454)
Submission05/23/2024 16:06 (2 years ago)
Moderation05/25/2024 08:11 (2 days later)
StatusAccepted
VulDB entry266276 [SourceCodester Best House Rental Management System up to 1.0 manage_tenant.php ID sql injection]
Points18

Interested in the pricing of exploits?

See the underground prices here!