| tiêu đề | Campcodes Online Examination System With Timer 1.0 SQL Injection |
|---|
| Mô tả | A vulnerability was found in Campcodes Online Examination System With Timer, impacting the page selExamAttemptExe.php. The value of user input (thisId parameter) is directly concatenated into an SQL query without undergoing any form of filtering or utilizing prepared statements, causing the application vulnerable to SQL injection attack |
|---|
| Nguồn | ⚠️ https://github.com/yylmm/CVE/blob/main/Online%20Examination%20System%20With%20Timer/SQL_selExamAttemptExe.md |
|---|
| Người dùng | yylm (UID 67976) |
|---|
| Đệ trình | 13/05/2024 16:09 (cách đây 2 những năm) |
|---|
| Kiểm duyệt | 15/05/2024 13:23 (2 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 264451 [Campcodes Online Examination System 1.0 selExamAttemptExe.php thisId Tiêm SQL] |
|---|
| điểm | 18 |
|---|