| Title | SourceCodester Student Study Center Desk Management System 1.0 SQLi |
|---|
| Description | Related Code file:
/Master.php?f=save_student
Injection parameter:
MULTIPART id
POST parameter 'MULTIPART id' is vulnerable to error-based SQLi.
sqlmap finding:
```
Parameter: MULTIPART id ((custom) POST)
Type: error-based
Title: MySQL OR error-based - WHERE or HAVING clause (FLOOR)
Payload: -----------------------------250939851917583644163997292923
Content-Disposition: form-data; name="id"
```
Report link: https://reports-kunull.vercel.app/CVE%20research/student-study-center-desk-management-system-save_student |
|---|
| Source | ⚠️ https://www.sourcecodester.com/php/16298/student-study-center-desk-management-system-using-php-oop-and-mysql-db-free-source-code |
|---|
| User | Anonymous User |
|---|
| Submission | 07/13/2024 16:23 (2 years ago) |
|---|
| Moderation | 07/13/2024 19:22 (3 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 271449 [SourceCodester Student Study Center Desk Management System 1.0 Master.php?f=save_student ID sql injection] |
|---|
| Points | 20 |
|---|