| tiêu đề | SQL injection vulnerability exists in search-property.php |
|---|
| Mô tả | Build environment: Apache 2.4.39; MySQL5.7.26; PHP7.3.4
SQL injection vulnerability exists in search-property.php
In search property In PHP, in lines 52-54 of the code, search_ The property is transferred to the backend through the post request and assigned to the variable $q_ String, and then it is substituted into the database for fuzzy query, and then mysqli is used_ The query function returns the result of the data query |
|---|
| Nguồn | ⚠️ https://github.com/nikeshtiwari1/House-Rental-System/issues/7 |
|---|
| Người dùng | ace. (UID 34853) |
|---|
| Đệ trình | 02/12/2022 02:48 (cách đây 4 những năm) |
|---|
| Kiểm duyệt | 03/12/2022 11:21 (1 day later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 214771 [House Rental System POST Request search-property.php search_property Tiêm SQL] |
|---|
| điểm | 20 |
|---|