| Title | code-projects Online Product Reservation System V1.0 SQL Injection |
|---|
| Description | A critical SQL injection vulnerability exists in the user registration functionality. The application directly concatenates multiple POST parameters into SQL INSERT query without validation, allowing attackers to extract database data and manipulate user registration. |
|---|
| Source | ⚠️ https://github.com/foeCat/CVE/blob/main/OnlineProductReservation_PHP/sqli_register_code.php.md |
|---|
| User | Ho Cherry (UID 94105) |
|---|
| Submission | 01/03/2026 17:41 (3 months ago) |
|---|
| Moderation | 01/04/2026 19:06 (1 day later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 339502 [code-projects Online Product Reservation System 1.0 User Registration register_code.php sql injection] |
|---|
| Points | 17 |
|---|