| Title | code-projects farmacia-in-php v1.0 SQL Injection |
|---|
| Description | In the visualizar-produto.php file of farmacia-in-php, the id parameter is obtained, and the SQL statement is concatenated to the SQL statement without filtering the execution, resulting in SQL injection vulnerabilities and server permissions |
|---|
| Source | ⚠️ https://github.com/LamentXU123/cve/blob/main/cve-l.md |
|---|
| User | LamentXU (UID 78142) |
|---|
| Submission | 12/01/2024 06:00 (2 years ago) |
|---|
| Moderation | 12/01/2024 12:21 (6 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 286491 [code-projects Farmacia 1.0 /visualizar-produto.php ID sql injection] |
|---|
| Points | 16 |
|---|