SourceCodester Online Tours & Travels Management System pay.php sql injection
后台-插件-广告管理-内容页头部广告(手机) |
SourceCodester Online Tours & Travels Management System pay.php sql injection
Url: admin/pay.php
Abstract:
Line 16 of pay.php invokes a SQL query built using unvalidated input. This call could allow an attacker to modify the statement’s meaning or to execute arbitrary SQL commands.
Explanation:
SQL injection errors occur when:
-
Data enters a program from an untrusted source.
-
The data is used to dynamically construct a SQL query.
In this case the data is passed to prepare() in pay.php at line 16.
- 1
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
Download Code:
https://www.sourcecodester.com/php/14510/online-tours-travels-management-system-project-using-php-and-mysql.html
1.本站遵循行业规范,任何转载的稿件都会明确标注作者和来源;2.本站的原创文章,请转载时务必注明文章作者和来源,不尊重原创的行为我们将追究责任;3.作者投稿可能会经我们编辑修改或补充。
在线投稿:投稿 站长QQ:1888636
后台-插件-广告管理-内容页尾部广告(手机) |