| Title | GitHub Chemical Inventory Management System 1.0 SQL Injection |
|---|
| Description | The Chemical Inventory Management System v1.0 is vulnerable to a SQL Injection flaw in the inventory_form.php file through the chem_name parameter.
An attacker can manipulate the parameter to inject arbitrary SQL queries, which may lead to unauthorized access to the backend database.
This vulnerability can be exploited to enumerate databases, extract sensitive information, and potentially gain full control over the application’s data. |
|---|
| Source | ⚠️ https://gist.github.com/0xSebin/29cb8e043974d996509522cdb738edc6 |
|---|
| User | 0xSebin (UID 35195) |
|---|
| Submission | 08/23/2025 18:31 (10 months ago) |
|---|
| Moderation | 08/31/2025 14:40 (8 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 322059 [deepakmisal24 Chemical Inventory Management System up to 1.0 /inventory_form.php chem_name sql injection] |
|---|
| Points | 20 |
|---|