In /controller/fetchpwd.php:
It receives a parameter called "username" to search for existing users.
However, this parameter becomes part of the SQL query without any processing, so SQL injection is possible.
We can use sqlmap to test this vulnerability:
sqlmap -u "http://192.168.31.91/controller/fetchpwd.php" --data "username=1" --dbms mysql -p username
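
The flaw described above, next to a fixed lookup, as an added example: this is a hypothetical reconstruction and not the project's fetchpwd.php. The table layout, the function names and the in-memory SQLite database (standing in for the application's MySQL) are assumptions.

```php
<?php
// Added example: hypothetical reconstruction, not the project's own code.
// In-memory SQLite stands in for the application's MySQL database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT)');
$pdo->exec("INSERT INTO users (username) VALUES ('alice'), ('bob')");

// Pattern described in the report: the parameter is pasted into the SQL text,
// so quote characters in the input become part of the statement.
function findUserConcatenated(PDO $pdo, string $username): array
{
    $sql = "SELECT id, username FROM users WHERE username = '" . $username . "'";
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened: the SQL text is fixed and the value is bound as data.
function findUserPrepared(PDO $pdo, string $username): array
{
    // Reject input that cannot be a valid username before touching the database.
    // The 64-character limit is an assumed policy, not taken from the project.
    if ($username === '' || strlen($username) > 64) {
        return [];
    }
    $stmt = $pdo->prepare('SELECT id, username FROM users WHERE username = :username');
    $stmt->execute([':username' => $username]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a normal name and one containing SQL syntax.
$inputs = ['alice', "nobody' OR '1'='1"];
foreach ($inputs as $input) {
    // The concatenated query returns every row for the second input;
    // the prepared query treats the whole string as a (non-existent) username.
    printf(
        "%-20s concatenated=%d rows, prepared=%d rows\n",
        $input,
        count(findUserConcatenated($pdo, $input)),
        count(findUserPrepared($pdo, $input))
    );
}
```

When the same fix is applied against MySQL through PDO, setting `PDO::ATTR_EMULATE_PREPARES` to `false` makes the driver send the statement and the bound value to the server separately.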