Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Obi08-Enrollment System 1.0 login.php SQL Injection
Vulnerability Description
Obi08/Enrollment System 1.0 contains a SQL injection vulnerability in the keyword parameter of /get_subject.php that allows unauthenticated attackers to execute arbitrary SQL queries. Attackers can use UNION-based injection to extract sensitive information from the users table including usernames and passwords.
CVSS Information
N/A
Vulnerability Type
SQL命令中使用的特殊元素转义处理不恰当(SQL注入)
Vulnerability Title
Enrollment System SQL注入漏洞
Vulnerability Description
Enrollment System是Obi08个人开发者的一个招生系统软件。 Enrollment System 1.0版本存在SQL注入漏洞,该漏洞源于/get_subject.php中参数keyword存在SQL注入,可能导致提取敏感信息。
CVSS Information
N/A
Vulnerability Type
N/A