Submit #59872: Sanitization Management System - SQL Injection leads to Unauthorized Admin Access

Title: Sanitization Management System - SQL Injection leads to Unauthorized Admin Access
Description:
# Exploit Title: Sanitization Management System - SQL Injection leads to Unauthorized Admin Access
# Exploit Author: Naveen Bhambhani
# Vendor Name: oretnom23
# Vendor Homepage: https://www.sourcecodester.com/php/15023/stock-management-system-phpoop-source-code.html
# Software Link: https://www.sourcecodester.com/php/15023/stock-management-system-phpoop-source-code.html
# Version: v1.0
# Tested on: Windows 11

Description:- An SQL injection issue in Sanitization Management System v.1.0 allows an attacker to log into the admin account.

Payload used:- admin' or 1=1-- 

Parameter:- Username and Password

Steps to reproduce:-
1. First go to the admin login
2. From there, in username and password put the payload
   Payload: admin' or 1=1
3. Now press enter and we get logged in to the admin account
User: nhsb (UID 38025)
Submission: 24/12/2022 08:33 (4 years ago)
Moderation: 24/12/2022 08:41 (8 minutes later)
Status: Accepted
VulDB entry: 216739 [SourceCodester Sanitization Management System 1.0 Admin Login username/password SQL injection]
Points: 17
