| Title | code-projects Responsive Hotel Site v1.0 SQL Injection |
|---|
| Description | Due to the lack of purification or parameterization of PID parameters, attackers can inject malicious SQL code to manipulate database queries. By utilizing the SQL injection technique of UNION query, attackers can use functions such as UNION to directly query the fields required by the database. This can be used to confirm the existence of vulnerabilities and potentially extract sensitive information from the database. |
|---|
| Source | ⚠️ https://github.com/Huandtx/cve/blob/main/cve/Responsive%20Hotel%20Site/sql1.md |
|---|
| User | huandtx (UID 79079) |
|---|
| Submission | 01/04/2025 08:48 (1 Year ago) |
|---|
| Moderation | 01/04/2025 20:47 (12 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 290226 [code-projects Responsive Hotel Site 1.0 /admin/print.php pid sql injection] |
|---|
| Points | 19 |
|---|