Gửi #44810: Simple Task Managing System in PHP With MySQLi Sql Injectionthông tin

tiêu đề	Simple Task Managing System in PHP With MySQLi Sql Injection
Mô tả	The Simple Task Managing System in PHP With MySQLi (https://www.sourcecodester.com/php/15624/simple-task-managing-system-php-mysqli-free-source-code.html) is a simple web system coded in a PHP programming language. The vulnerability allows unauthorized attacker to dump data from Mysql database. POC: POST /loginVaLidation.php with body data `login=foo'or 1#&password=123456` the response headers contains `Location: index.php` and with data `login=foo'or 0#&password=123456` the response headers contains `Location: login.php` which leads to boolean based sql injection, and allows attacker to bypass the authorization of the system
Người dùng	kingbridge (UID 31583)
Đệ trình	27/08/2022 05:55 (cách đây 4 những năm)
Kiểm duyệt	27/08/2022 10:40 (5 hours later)
Trạng thái	được chấp nhận
Mục VulDB	207423 [SourceCodester Simple Task Managing System /loginVaLidation.php đăng nhập Tiêm SQL]
điểm	17

Do you want to use VulDB in your project?

Use the official API to access entries easily!