| 标题 | SQL injection vulnerability in Student Attendance Management System |
|---|
| 描述 | SQL injection vulnerability in Student Attendance Management System。input [email protected] / Password@123 Log in to the background. Then modify the information in createClass Php, the ID is assigned to the variable $ID, and then inserted into the database for query, and the query information is returned, However, there is no filtering,causing a SQL injection vulnerability |
|---|
| 来源 | ⚠️ https://github.com/rickxy/Student-Attendance-Management-System/issues/2 |
|---|
| 用户 | ace. (UID 34853) |
|---|
| 提交 | 2022-11-17 07時54分 (4 年前) |
|---|
| 管理 | 2022-11-17 16時10分 (8 hours later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 213845 [Student Attendance Management System /Admin/createClass.php 标识符 SQL注入] |
|---|
| 积分 | 20 |
|---|