| Title | SourceCodester Online Student File Management System 1.0 SQL Injection |
|---|---|
| Description | During the security review of the "Online Student File Management System", I discovered a critical SQL injection vulnerability within the file inclusion chain: /index.php → login.php → login_query.php. Specifically, when users access index.php, it includes login.php to display the login form, and login.php subsequently includes login_query.php to handle the login logic. In line 7 of login_query.php, the stud_no parameter is directly inserted into the SQL query: "SELECT * FROM student WHERE stud_no = '$stud_no' && password = '$password'" without any input validation or parameterized query implementation. This insecure coding practice allows attackers to inject malicious SQL code through the stud_no parameter, potentially gaining unauthorized database access, modifying or deleting data, and accessing sensitive information. Immediate remedial measures are required to ensure system security and protect data integrity. |
| Source | https://github.com/ganzhi-qcy/cve/issues/25 |
| User | quchunyi1 (UID 86520) |
| Submission | 05.09.2025 10:02 (9 months ago) |
| Moderation | 15.09.2025 16:01 (10 days later) |
| Status | Accepted |
| VulDB Entry | 323914 [SourceCodester Online Student File Management System 1.0 /index.php stud_no SQL Injection] |
| Points | 20 |
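The vulnerable pattern the report describes, next to a parameterized replacement, as an added example rather than code from the project or the report: the table and column names come from the quoted query, while the mysqli connection details and the $_POST field names are assumptions.

```php
<?php
// Added example, not the project's own login_query.php. The vulnerable query
// is reconstructed from the one quoted in the report; $conn, the database
// credentials and the $_POST field names are assumptions.

// Vulnerable pattern (as described for login_query.php line 7): user input is
// interpolated straight into the SQL string, so a quote or operator inside
// $stud_no changes the structure of the query instead of being matched as data.
function login_vulnerable(mysqli $conn, string $stud_no, string $password): ?array
{
    $sql = "SELECT * FROM student WHERE stud_no = '$stud_no' && password = '$password'";
    $result = $conn->query($sql);
    return $result ? ($result->fetch_assoc() ?: null) : null;
}

// Hardened version: a prepared statement with placeholders. The query text is
// fixed at prepare time and the values travel separately, so they can never be
// parsed as SQL. (Comparing a plaintext password column is a separate issue
// the report does not cover; the fix here is limited to parameterization.)
function login_hardened(mysqli $conn, string $stud_no, string $password): ?array
{
    $stmt = $conn->prepare('SELECT * FROM student WHERE stud_no = ? AND password = ?');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $conn->error);
    }
    $stmt->bind_param('ss', $stud_no, $password);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();   // requires mysqlnd
    $stmt->close();
    return $row ?: null;
}

// Usage with assumed form field names: reject missing input up front, then
// look the student up through the parameterized query only.
$stud_no  = $_POST['stud_no']  ?? '';
$password = $_POST['password'] ?? '';
if ($stud_no === '' || $password === '') {
    http_response_code(400);
    exit('stud_no and password are required');
}
$conn = new mysqli('localhost', 'db_user', 'db_pass', 'student_db'); // assumed credentials
$student = login_hardened($conn, $stud_no, $password);
if ($student === null) {
    http_response_code(401);
    exit('invalid credentials');
}
```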