| tiêu đề | Best employee management system in php print1.php V1.0 SQL Injection |
|---|
| Mô tả | hr_softadmin/print1.php file line 104 php method gets user input from the GET element. The value of this element is then passed to the code without proper sanitisation or validation, and is ultimately used in the php method on line 108 of the hr_softadminprint1.php file for database queries. This can lead to SQL injection attacks.
baiyunjian has discovered that due to insufficient protection of the "id" parameter in the "admin/print1.php" file, "Best employee management system in php" there is a serious security vulnerability in the This vulnerability may be used to inject malicious SQL queries, resulting in unauthorized access and extraction of sensitive information from the database. |
|---|
| Nguồn | ⚠️ https://github.com/Hefei-Coffee/cve/issues/2 |
|---|
| Người dùng | baiyunjian (UID 82187) |
|---|
| Đệ trình | 04/03/2025 10:35 (cách đây 1 Năm) |
|---|
| Kiểm duyệt | 06/03/2025 15:21 (2 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 298796 [SourceCodester Best Employee Management System 1.0 /admin/print1.php ID Tiêm SQL] |
|---|
| điểm | 20 |
|---|