Gửi #471112: code-projects Chat System 1.0.0.00 SQL Injectionthông tin

tiêu đềcode-projects Chat System 1.0.0.00 SQL Injection
Mô tảIn the file 'update_user.php' located at /admin/update_user.php, there is a possibility of performing SQL injection on the 'name and id' parameter. This allows attackers to inject malicious SQL code into the query. For example, if the name and id parameter is set to: error-based: script=1' AND 4381=(SELECT (CASE WHEN (4381=4381) THEN 4381 ELSE (SELECT 6122 UNION SELECT 5924) END))-- -
Nguồn⚠️ https://code-projects.org/chat-system-using-php-source-code/
Người dùng
 Havook (UID 71104)
Đệ trình28/12/2024 16:18 (cách đây 2 những năm)
Kiểm duyệt29/12/2024 16:38 (1 day later)
Trạng tháiđược chấp nhận
Mục VulDB289768 [code-projects Chat System 1.0 /admin/update_user.php ID Tiêm SQL]
điểm20

Want to know what is going to be exploited?

We predict KEV entries!