Home
Description
A time-based SQL injection vulnerability exists in mydetailsstudent.php in the CloudClassroom PHP Project 1.0. The myds parameter does not properly validate user input, allowing an attacker to inject arbitrary SQL commands.
References
owasp.org/www-community/attacks/SQL_Injection
gist.github.com/b0mk35h/921cfa00f9ea1af66645574537d38587