| tiêu đề | CodeAstro Online Job Portal Project in PHP MySQL 1.0 SQL Injection |
|---|
| Mô tả | A SQL injection vulnerability was identified in CodeAstro Online Job Portal Project in PHP MySQL 1.0.
The application uses the id parameter directly in the SQL query without proper sanitization or parameter binding. This allows an authenticated administrator to inject malicious input and manipulate the query logic.
By exploiting this issue, an attacker can delete all job records from the database instead of a single intended entry. |
|---|
| Nguồn | ⚠️ https://github.com/Xmyronn/CodeAstro-Online-Job-Portal-SQLi-Delete-All.git |
|---|
| Người dùng | imad alvi (UID 97088) |
|---|
| Đệ trình | 06/04/2026 18:06 (cách đây 22 ngày) |
|---|
| Kiểm duyệt | 25/04/2026 16:18 (19 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 359608 [CodeAstro Online Job Portal 1.0 All Jobs Page delete-jobs.php ID Tiêm SQL] |
|---|
| điểm | 20 |
|---|