| タイトル | code-projects Human Resource Integrated System published August 1, 2025 SQL Injection |
|---|
| 説明 | Summary
The vulnerability exists in the insert-and-view component due to improper handling and validation of user input in SQL queries.
Root Cause
The application uses outdated mysql_* functions (mysql_query) in action.php without fully sanitizing or parameterizing user input. Specifically, the inputs obtained via $_POST['content'] are directly embedded into SQL queries.
Example code snippet:
$content = mysql_real_escape_string($_POST['content']);
mysql_query("insert into comment(msg,ip_add) values ('$content','$ip')");
Although mysql_real_escape_string mitigates basic SQL injection, it does not prevent more complex injection scenarios or second-order SQL injection attacks.
Reproduction
Navigate to the application's comment submission form.
Submit the following payload:
'); DROP TABLE comment; --
Observe that the injected SQL query alters the intended database operations.
Impact
An attacker could leverage this vulnerability to manipulate the database, execute arbitrary SQL commands, access sensitive data, or disrupt database integrity. |
|---|
| ソース | ⚠️ https://github.com/shenxianyuguitian/hris-vuln-sqli/blob/main/README.md |
|---|
| ユーザー | xuanyuesanshi (UID 88126) |
|---|
| 送信 | 2025年08月01日 08:08 (9 月 ago) |
|---|
| モデレーション | 2025年08月02日 08:54 (1 day later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 318599 [code-projects Human Resource Integrated System 1.0 action.php content SQLインジェクション] |
|---|
| ポイント | 20 |
|---|