| tiêu đề | SourceCodester Online Eyewear Shop 1.0 SQL Injection |
|---|
| Mô tả | A critical SQL injection vulnerability has been identified in Online Eyewear Shop Website version 1.0. This flaw exists within the report viewing page at `/admin/?page=reports&date=2024-10-13`. By manipulating the `date` parameter, attackers can inject malicious SQL code, allowing them to retrieve sensitive data from the backend database. This vulnerability exposes the system to potential data breaches and unauthorized access. No patch or mitigation has been provided at this time, and the risk remains unaddressed.
|
|---|
| Nguồn | ⚠️ https://gist.github.com/higordiego/b9699573de61b26f2290e69f38d23fd0 |
|---|
| Người dùng | c4ttr4ck (UID 75518) |
|---|
| Đệ trình | 13/10/2024 16:47 (cách đây 2 những năm) |
|---|
| Kiểm duyệt | 15/10/2024 07:09 (2 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 280338 [SourceCodester Online Eyewear Shop 1.0 Report Viewing Page /admin/?page=reports Ngày Tiêm SQL] |
|---|
| điểm | 20 |
|---|