Description - SQL Injection Vulnerability in PHPenpals
SQL Injection found in PHPenpals script.
- Exploit
- Available
- Solution
- Not available - check Jevontec website
Vulnerable scripts: profile.php
Variable $personalID isn't properly sanitized before being used in a SQL query. This can be used to make any SQL query by injecting arbitrary SQL code.
Order Source Code Testing made by eVuln team
Prevent attacks by PHP code review of a website made by eVuln team.The task will be done by experts in website security.