Submit #398157: SourceCodester E-Commerce Website 1.0 SQL Injection

Title: SourceCodester E-Commerce Website 1.0 SQL Injection

Description:

Title: SQL Injection Vulnerability in /Admin/registration.php Endpoint

Summary: A SQL injection vulnerability has been discovered in the https://www.sourcecodester.com/php/14211/online-art-gallery-management-system-project-using-phpmysql.html (/Admin/registration.php) endpoint of a web application. The vulnerability exists in the username field, where user input is not properly sanitized, allowing an attacker to inject malicious SQL queries. This can lead to unauthorized access, database extraction, or other malicious actions, depending on the exploitation method used.

Vulnerable Endpoint: /Admin/registration.php
Vulnerable parameter: fname
Vulnerable Field: Username field

Detailed POC in advisory.

Source: https://github.com/gurudattch/CVEs/blob/main/Sourcecodester-Online-Art-Gallary-Management-System-onlinadvisory-sqli.md
User: guru (UID 74056)
Submission: 08/26/2024 13:48 (2 years ago)
Moderation: 08/27/2024 14:34 (1 day later)
Status: Accepted
VulDB entry: 275926 [SourceCodester E-Commerce Website 1.0 /Admin/registration.php fname sql injection]
Points: 20
