| Title | code-projects Shopping Portal Using PHP With Source Code 1.0 SQL Injection |
|---|
| Description | In the /Shopping/Admin/index.php file of Shopping Portal System, the username and password parameter is obtained, and the SQL statement is concatenated to the SQL statement without filtering the execution, resulting in SQL injection vulnerabilities and login as administrator |
|---|
| Source | ⚠️ https://hexotion.notion.site/Shopping-Portal-in-PHP-has-Stored-SQL-injection-vulnerability-in-admin-index-php-1a7bb766cf3280e8bb81eaa59c4c2b74 |
|---|
| User | Hexer. (UID 79448) |
|---|
| Submission | 02/27/2025 08:53 (1 Year ago) |
|---|
| Moderation | 03/04/2025 17:12 (5 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 298557 [code-projects Shopping Portal 1.0 Login index.php Password sql injection] |
|---|
| Points | 14 |
|---|