| Field | Value |
|---|---|
| Title | Yash Pokharna StudentManagementSystem 1.0 SQL Injection |
| Description | A SQL injection vulnerability exists in success.php that allows an attacker to bypass login authentication. The script concatenates the unsanitized $_POST['user'] parameter directly into the SQL query. Although the password field is hashed with MD5, the lack of proper input handling (e.g., mysqli_real_escape_string or prepared statements) enables an attacker to inject SQL comments (#) to bypass the password verification and log in as any user, including the administrator. |
| Source | https://github.com/yashpokharna2555/StudentManagementSystem/issues/2 |
| User | frljiang123 (UID 96712) |
| Submission | 2026-04-27 10:38 (1 month ago) |
| Moderation | 2026-05-24 11:03 (27 days later) |
| Status | Accepted |
| VulDB Entry | 365450 [yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203 /success.php User SQL injection] |
| Points | 20 |
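The remediation the description calls for, shown as an added illustration that is not code from the StudentManagementSystem project: the concatenated query pattern the entry describes next to a version using a mysqli prepared statement. The table name `users`, the columns `username` and `password_hash`, and the `$db` connection are assumed; going beyond the entry, the hardened version also replaces the unsalted MD5 compare with password_verify().

```php
<?php
// Added illustration, not the project's code. Assumed schema: table `users`
// with columns `username` and `password_hash` (a password_hash() value).

// Pattern described in the entry: the username is concatenated straight into
// the SQL text, so the database parses attacker-controlled bytes as SQL.
function login_vulnerable(mysqli $db, string $user, string $pass): bool
{
    $sql = "SELECT * FROM users WHERE username='" . $user
         . "' AND password='" . md5($pass) . "'";
    $res = $db->query($sql);
    return $res !== false && $res->num_rows > 0;
}

// Hardened version: the placeholder keeps the input as data regardless of
// quotes or comment markers, and the password check no longer depends on
// an unsalted MD5 digest stored in the row.
function login_safe(mysqli $db, string $user, string $pass): bool
{
    $stmt = $db->prepare(
        'SELECT password_hash FROM users WHERE username = ? LIMIT 1'
    );
    if ($stmt === false) {
        return false;           // fail closed on a prepare error
    }
    $stmt->bind_param('s', $user);   // bound as a string, never parsed as SQL
    $stmt->execute();
    $hash = '';
    $stmt->bind_result($hash);
    $found = $stmt->fetch() === true;
    $stmt->close();
    // password_verify() reads the salt from the stored hash and compares in
    // constant time; an unknown user short-circuits without touching it.
    return $found && password_verify($pass, $hash);
}
```

Existing MD5 rows would need a one-time migration (rehash on next successful login) before login_safe() can replace the old check.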