From this webpage screenshot, the following key information about the vulnerability can be obtained: 1. Vulnerability ID: #399548 2. Vulnerability Name: SourceCodester electric-billing-management-system Action.php 1.0 SQL Injection 3. Vulnerability Description: - SQL Injection in Sourcecodester The Electric Billing Management System 1.0 by oretnom23 - The cause is that the web application does not validate user-submitted data (such as type, length, business parameter validity, etc.), nor does it effectively filter special characters from user input, directly inserting user input into the database for execution. - The system fails to properly filter the username parameter content in the Action.php file, allowing bypass of login restrictions using a universal password. 4. Vulnerability Source: - https://github.com/enjoyworld/webray.com.cn/blob/main/cves/Electric%20Billing%20Management%20System/Electric%20Billing%20Management%20System%20Action.php%20SQL-inject.md 5. Submitter: xmg404 (ID 74197) 6. Submission Time: August 29, 2024, 04:02 AM 7. Review Time: August 30, 2024, 09:39 AM 8. Status: Accepted 9. VulDB Entry ID: 276219 This information helps understand the detailed nature of the vulnerability, its source, and the process by which it was verified and accepted.