Injection: PHPOK - SQL Injection¶

Identifier: phpok_sqli

Scanner(s) Support¶

GraphQL Scanner	REST Scanner	WebApp Scanner	ASM Scanner

Description¶

PHPOK contains SQL injection vulnerabilities via GET requests, allowing attackers to obtain sensitive information from databases, modify data, and execute unauthorized administrative operations.

How we test: We test for SQL injection vulnerabilities in PHPOK by injecting malicious SQL payloads into GET request parameters and analyzing responses to detect if SQL queries are executed.

Reference:

https://cve.report/software/phpok/phpok

Configuration¶

Example¶

Example configuration:

---
security_tests:
  phpok_sqli:
    skip: false

Reference¶

`skip`¶

Type : boolean

Skip the test if true.