The project has multiple SQL injection vulnerabilities

![image](https://github.com/MakkaPakkaa/Library_management-/assets/73983899/6f036825-b6a8-4e55-9538-bd50738a2202)
This code has an SQL injection vulnerability because the user-supplied input (i.e. 'username' and 'password') is directly concatenated into the SQL statement when the SQL query is constructed without adequate filtering and escaping. This allows a malicious user to tamper with the original SQL statement by entering specific characters, as shown in the following methods.
![image](https://github.com/MakkaPakkaa/Library_management-/assets/73983899/6b06c433-7400-40d4-8b1a-30744c178f65)
Vulnerability exploitation：
![image](https://github.com/MakkaPakkaa/Library_management-/assets/73983899/e3a7f274-d627-4963-ba5c-e9d616f32714)
Repair suggestion：
   The best way to fix SQL injection vulnerabilities is to use parameterized queries (Prepared Statements) to build SQL statements.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

The project has multiple SQL injection vulnerabilities #2

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

The project has multiple SQL injection vulnerabilities #2

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions