| عنوان | code-projects Online Voting System in PHP 1.0 SQL Injection |
|---|
| الوصف | A SQL Injection vulnerability exists in the vote submission functionality of Online Voting System in PHP version 1.0.
The endpoint saveVote.php is publicly accessible without authentication and processes voter data through a test_input() function that applies htmlspecialchars() without the ENT_QUOTES flag, leaving single quotes unescaped. All four POST parameters are directly concatenated into an INSERT query:
$name= test_input($_POST["voterName"]);
$email= test_input($_POST["voterEmail"]);
$voterID= test_input($_POST["voterID"]);
$selection= test_input($_POST["selectedCandidate"]);
$sql= "INSERT INTO db_evoting.tbl_users VALUES(null,'".$name."','".$email."','".$voterID."','".$selection."');";
An unauthenticated attacker can manipulate the SQL logic to insert arbitrary records into the voter table, inject malicious data, or cause database errors by breaking the query structure. |
|---|
| المصدر | ⚠️ https://gist.github.com/c4ttr4ck/a29b2238099fa07b4f072c21123b55ef |
|---|
| المستخدم | c4ttr4ck (UID 75518) |
|---|
| ارسال | 02/06/2026 08:18 PM (1 شهر منذ) |
|---|
| الاعتدال | 03/07/2026 08:31 PM (1 month later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 376162 [code-projects Online Voting System 1.0 /saveVote.php test_input voterName/voterEmail/voterID/selectedCandidate حقن SQL] |
|---|
| النقاط | 20 |
|---|