إرسال #512793: DayCloud StudentManage 1.0 SQL Injectionالمعلومات

عنوان	DayCloud StudentManage 1.0 SQL Injection
الوصف	## Title: SQL Injection Vulnerability in StudentManage BUG_Author: sageee Vendor: [StudentManage GitHub Repository](https://gitee.com/DayCloud/student-manage) Software: [StudentManage](https://gitee.com/DayCloud/student-manage) Vulnerability Url: - `/admin/adminScoreUrl` ## Description: 1. SQL Injection via User Login: - In the url `/admin/adminScoreUrl`, the login function does not properly sanitize user input before using it in an SQL query. - This can be exploited by sending a crafted request to the login endpoint with malicious SQL code. 2. Exploiting the SQL Injection: - By injecting SQL, an attacker can manipulate the SQL query to bypass authentication or extract sensitive information from the database. 3. Example SQL Injection Payload: - The following payload can be used to bypass authentication: ``` http://<target-ip>/StudentManage/adminScoreUrl?query=1' AND (SELECT 4668 FROM (SELECT(SLEEP(5)))Edrf) AND 'CAla'='CAla ``` 4. Requesting the Login Endpoint: - Make a request to the login endpoint with the SQL injection payload: ``` http://<target-ip>/StudentManage/adminScoreUrl?query=1 ``` 5. Verifying the Exploit: - If the injection is successful, Attackers can use tools to read databases
المستخدم	sageee (UID 82251)
ارسال	03/03/2025 11:02 AM (1 سنة منذ)
الاعتدال	15/03/2025 09:31 PM (12 days later)
الحالة	تمت الموافقة
إدخال VulDB	299818 [DayCloud StudentManage 1.0 Login Endpoint /admin/adminScoreUrl استعلام حقن SQL]
النقاط	17

التالي ▸نظرة عامة ◂ السابق

Want to stay up to date on a daily basis?

Enable the mail alert feature now!