In Booking Php, from line 4 to line 12 of the code,the value of id is passed to the backend through the get request, and is assigned to the variable $id, then $id is substituted into the database for query, and the value is assigned to the variable $movieQuery, and then the query result mysqli is returned_ query, SQL error injection vulnerability
Building environment:Apache2.4.49;MySQL5.7.26;PHP7.3.4
1.Movie Ticket Booking System-PHP SQL injection vulnerability exists
In Booking Php, from line 4 to line 12 of the code,the value of id is passed to the backend through the get request, and is assigned to the variable $id, then $id is substituted into the database for query, and the value is assigned to the variable $movieQuery, and then the query result mysqli is returned_ query, SQL error injection vulnerability
POC:
The text was updated successfully, but these errors were encountered: