Submit #850616: Codeastro Apartment Visitor Management System V1.0 SQL Injectioninfo

TitleCodeastro Apartment Visitor Management System V1.0 SQL Injection
DescriptionCodeastro Apartment Visitor Management System V1.0 — SQL Injection in /apartment-visitor/search-result.php. The searchdata POST parameter is directly concatenated into SQL queries without any sanitization or parameterized binding. The application fails to validate or escape user input before passing it to the database, allowing attackers to forge malicious input that manipulates SQL query logic.
Source⚠️ https://gist.github.com/menelausx/29aef0a0ab6f289c0f45b379f6d759d7
User
 JasperX (UID 97281)
Submission06/06/2026 15:43 (29 days ago)
Moderation07/05/2026 05:56 (29 days later)
StatusAccepted
VulDB entry376356 [CodeAstro Apartment Visitor Management System 1.0 POST Parameter search-result.php searchdata sql injection]
Points20

Interested in the pricing of exploits?

See the underground prices here!