Submit #673773: code-projects Client Details System V1.0 SQL Injectioninfo

Titlecode-projects Client Details System V1.0 SQL Injection
DescriptionA critical SQL Injection vulnerability exists in clientdetails/welcome.php via the ID GET parameter. The application embeds ID unescaped into backend SQL, enabling attackers to alter query logic and inject additional statements. Because input is not sanitized and prepared statements are not used, the endpoint is susceptible to multiple exploitation techniques.
Source⚠️ https://github.com/hellonewbie/tutorial/issues/6
User
 ZengY (UID 91559)
Submission10/12/2025 11:02 (8 months ago)
Moderation10/26/2025 05:59 (14 days later)
StatusAccepted
VulDB entry329914 [code-projects Client Details System 1.0 GET Parameter welcome.php ID sql injection]
Points19

PreviousOverviewNext

Do you need the next level of professionalism?

Upgrade your account now!