Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
propanetank Roommate-Bill-Tracking login.php sql injection
Vulnerability Description
A vulnerability was found in propanetank Roommate-Bill-Tracking up to 288437f658fc9ee7d4b92a9da12557024d8bc55c. It has been declared as critical. This vulnerability affects unknown code of the file /includes/login.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The name of the patch is b32bb1b940f82d38fb9310cd66ebe349e20a1d0a. It is recommended to apply a patch to fix this issue.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Roommate-Bill-Tracking 注入漏洞
Vulnerability Description
Roommate-Bill-Tracking是Hayden个人开发者的一个相对简单的PHP应用程序,用于管理室友之间的费用以及共享的杂货清单。 Roommate-Bill-Tracking存在注入漏洞,该漏洞源于对参数Username的错误操作会导致SQL注入。
CVSS Information
N/A
Vulnerability Type
N/A