Sourcecodester Enrollment System Project V1.0 is...
Critical severity
Unreviewed
Published
Jun 21, 2023
to the GitHub Advisory Database
•
Updated May 2, 2024
Description
Published by the National Vulnerability Database
Jun 21, 2023
Published to the GitHub Advisory Database
Jun 21, 2023
Last updated
May 2, 2024
Sourcecodester Enrollment System Project V1.0 is vulnerable to SQL Injection (SQLI) attacks, which allow an attacker to manipulate the SQL queries executed by the application. The application fails to properly validate user-supplied input in the username and password fields during the login process, enabling an attacker to inject malicious SQL code.
References