| शीर्षक | imvks786 student_management_system 1.0 SQL Injection |
|---|
| विवरण | The application contains SQL injection vulnerabilities throughout nearly all database interaction points. User‑supplied input from `$_GET` and `$_POST` is concatenated directly into SQL queries without any parameterisation, escaping, or validation. This allows an attacker to manipulate query logic, leading to:
- **Authentication bypass** – log in as any user (including administrators) without valid credentials.
- **Unauthorised data deletion** – delete student records via `see.php?del=...`.
- **Unauthorised permission changes** – modify user roles via `admin/user_permission.php`.
- **Sensitive data exposure** – extract arbitrary data from the database using UNION‑based or blind techniques.
### Affected Code Examples
**1. Login bypass (department login):**
```php
// index.php
$usr = $_POST['usr'];
$pwd = $_POST['pwd'];
$ret = mysqli_query($con, "SELECT * FROM login WHERE username='$usr' AND password='$pwd' ");
``` |
|---|
| स्रोत | ⚠️ https://github.com/imvks786/student_management_system/issues/1 |
|---|
| उपयोगकर्ता | Amoda (UID 98400) |
|---|
| सबमिशन | 25/05/2026 05:55 AM (20 दिन पहले) |
|---|
| संयम | 07/06/2026 09:53 PM (14 days later) |
|---|
| स्थिति | स्वीकृत |
|---|
| VulDB प्रविष्टि | 369147 [imvks786 student_management_system तक 9599b560ad3c3b83e75d328b76bedcd489ef1f46 Login /index.ph usr/pwd SQL इंजेक्शन] |
|---|
| अंक | 20 |
|---|