提交 #580167: PHPGurukul CREDIT CARD Application Management System Using PHP and MySQL 1.0 SQL Injection信息

标题PHPGurukul CREDIT CARD Application Management System Using PHP and MySQL 1.0 SQL Injection
描述A Time-Based Blind SQL Injection vulnerability was discovered in the Credit Card Application Management System v1.0 by PHPGurukul. The issue affects the username parameter in the login endpoint (/ccams/admin/index.php). Using crafted payloads, an unauthenticated attacker can inject SQL commands and extract sensitive data such as admin credentials, email addresses, and phone numbers from the backend MySQL database (ccamsdb). The vulnerability allows complete compromise of the application’s authentication mechanism.
来源⚠️ https://github.com/GIRISH05/Credit-card-application-management-system/blob/main/SQL-Injection.md
用户
 girishbo (UID 85185)
提交2025-05-18 12時24分 (1 年前)
管理2025-05-18 17時34分 (5 hours later)
状态已接受
VulDB条目309504 [PHPGurukul Credit Card Application Management System 1.0 /admin/index.php 用户名 SQL注入]
积分20

Might our Artificial Intelligence support you?

Check our Alexa App!