| Title | Sql injection exists for Student Management System page ID |
|---|
| Description | Sql injection vulnerability exists in the page ID code parameter of Student Management System, which can be exploited by attackers to obtain sensitive information and cause data leakage.
The dangers of SQL injection
Database information leakage: The leakage of user's private information stored in the database.
Web page tampering: tampering with specific web pages by manipulating the database.
The website is hacked, and malware spreads: modify the values of some fields in the database, embed the link of the network, and carry out the hacking attack.
The database was operated maliciously: the database server was attacked, and the system administrator account of the database was tampered with.
The server was remotely controlled and backdoored. Operating system support provided by the database server allows hackers to modify or control the operating system.
Destroy hard disk data and paralyze the entire system. |
|---|
| Source | ⚠️ https://github.com/beicheng-maker/vulns/issues/4 |
|---|
| User | cppuzhang (UID 31043) |
|---|
| Submission | 08/17/2022 16:19 (4 years ago) |
|---|
| Moderation | 08/17/2022 20:37 (4 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 206634 [SourceCodester Student Management System index.php ID sql injection] |
|---|
| Points | 20 |
|---|