| 标题 | Campcodes Online Examination System With Timer 1.0 SQL Injection |
|---|
| 描述 | A vulnerability was found in Campcodes Online Examination System With Timer, impacting the page updateExaminee.php. The value of user input (id parameter) is directly concatenated into an SQL query without undergoing any form of filtering or utilizing prepared statements, causing the application vulnerable to SQL injection attack |
|---|
| 来源 | ⚠️ https://github.com/yylmm/CVE/blob/main/Online%20Examination%20System%20With%20Timer/SQL_updateExaminee.md |
|---|
| 用户 | yylm (UID 67976) |
|---|
| 提交 | 2024-05-13 16時13分 (2 年前) |
|---|
| 管理 | 2024-05-15 13時20分 (2 days later) |
|---|
| 状态 | 重复 |
|---|
| VulDB条目 | 258036 [Campcodes Online Examination System 1.0 updateExaminee.php 标识符 SQL注入] |
|---|
| 积分 | 0 |
|---|