Invia #836633: imvks786 student_management_system 1.0 SQL Injectioninformazioni

Titoloimvks786 student_management_system 1.0 SQL Injection
DescrizioneThe administrator login endpoint constructs an SQL query by directly embedding the user‑supplied `a_usr` (username) and `a_pwd` (password) without any sanitisation or parameterisation: ```php $a_usr = $_POST['a_usr']; $a_pwd = $_POST['a_pwd']; $ret = mysqli_query($con, "SELECT * FROM admin WHERE userid='$a_usr' AND password='$a_pwd' "); ``` Because no input validation or query parameterisation is applied, an attacker can inject a boolean‑based payload into the username field. The payload admin' OR '1'='1 transforms the query into one that always returns at least one row, completely bypassing the password check. The server then sets a session and redirects to the admin dashboard, granting full administrative access.
Fonte⚠️ https://github.com/imvks786/student_management_system/issues/2
Utente
 Yeliuyun (UID 94203)
Sottomissione25/05/2026 06:00 (2 mesi fa)
Moderazione07/06/2026 21:53 (14 days later)
StatoAccettato
Voce VulDB369148 [imvks786 student_management_system fino a 9599b560ad3c3b83e75d328b76bedcd489ef1f46 Administrator Login Endpoint admin/admin_login.php a_usr/a_pwd iniezione SQL]
Punti20

Might our Artificial Intelligence support you?

Check our Alexa App!