Skip to content

Latest commit

 

History

History

CVE-2021-42667

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 
 
 

Payloads:

Description:

The ID parameter from Online Event Booking and Reservation System 2.3.0 appears to be vulnerable to SQL injection attacks. SQL injection is 4 types. The malicious user can bypass the database and he can dump all database information then he can access all accounts which this system has! The attacker can take sensitive information and can exploit the users of this system. Conclusion: awful status... BR nu11secur1ty

Reproduce:

href

Proof:

href