Online Fire Reporting System is an online fire reporting system from Carlo Montero’s personal developer. version v1.0 of Online Fire Reporting System is vulnerable to SQL injection, which stems from a GET parameter in /report/list.php that lacks validation for external The vulnerability is caused by the lack of validation of external SQL statements in the GET parameter of /report/list.php, which can be exploited by attackers to execute illegal SQL commands to steal sensitive database data.
CPE | Name | Operator | Version |
---|---|---|---|
carlo montero online fire reporting system v | eq | 1.0 |