漏洞标题
源码者设计和实现在接种系统登录.php中的COVID-19目录SQL注入
漏洞描述信息
源码极客设计并实现了Covid-19疫苗接种系统登录页面(login.php)的SQL注入目录
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System login.php sql injection
漏洞描述信息
A vulnerability, which was classified as critical, has been found in SourceCodester Design and Implementation of Covid-19 Directory on Vaccination System 1.0. This issue affects some unknown processing of the file /admin/login.php. The manipulation of the argument txtusername/txtpassword leads to sql injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222851.
CVSS信息
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
漏洞类别
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
漏洞标题
Covid-19 Directory On Vaccination System SQL注入漏洞
漏洞描述信息
Covid-19 Directory On Vaccination System是尼日利亚Ndueso Okorie个人开发者的一个 COVID-19 信息管理系统。该系统将准确存储和检索有关 COVID-19 疫苗接种的信息,以控制大流行的传播。 Covid-19 Directory On Vaccination System 1.0版本存在SQL注入漏洞,该漏洞源于对参数txtusername/txtpassword的错误操作导致sql注入。
CVSS信息
N/A
漏洞类别
SQL注入