Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SQL injection might be possible #4

Open
jakani24 opened this issue Mar 14, 2023 · 0 comments
Open

SQL injection might be possible #4

jakani24 opened this issue Mar 14, 2023 · 0 comments

Comments

@jakani24
Copy link

Hey just randomly saw your repo, but in the file 'Absenzen.php' on line 59 unserialized user input is added into an SQL statement which might lead to SQL injeciton and full compromise of you db.
Actually every time an SQL query is made the user input does not get serialized...
I don't know if it is important that your db and service is secure but it might interest you.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant