![]() The Exploit Database is maintained by Offensive Security, an information security training company This can be exploited to manipulate SQL queries by injecting arbitrary SQL code and retrieve sensitive data. The application suffers from an unauthenticated SQL Injection vulnerability.Input passed through 'edit' GET parameter in '' is not properly sanitised before being returned to the user or used in SQL queries. An attacker can exploit these issues to upload arbitrary files in the context of the web server process and execute commands. The application is prone to an arbitrary file-upload because it fails to adequately sanitize user-supplied input. # Exploit Title: Police Crime Record Management Project 1.0 - Time Based SQLi
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |