Submission #840506: CodeAstro Human Resource Management System in PHP CodeIgniter v1.0 Time-Based Blind SQL Injection Info

Title: CodeAstro Human Resource Management System in PHP CodeIgniter v1.0 Time-Based Blind SQL Injection
Description: A time-based blind SQL injection vulnerability was identified in the Update_Earn_Leave functionality of the HR management application. The issue exists because user-supplied input from the emid POST parameter is directly concatenated into a backend SQL query without proper sanitization or parameterized statements. The vulnerability originates from the emselectByCode() function inside application/models/Employee_model.php, where the emid parameter is embedded into a MySQL query in an unsafe manner. An authenticated attacker can exploit this issue by injecting crafted SQL payloads into the emid parameter, resulting in arbitrary SQL query execution against the backend database. The vulnerability was verified using time-based blind SQL injection techniques: a crafted payload leveraging the MySQL SLEEP() function caused measurable response delays, confirming that the injected query executed within the database context. Successful exploitation may allow attackers to enumerate database contents, extract sensitive employee information, disclose authentication data, manipulate application records, and potentially achieve full compromise of the underlying database, depending on the privileges of the database account.
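The pattern the description names (emid concatenated into the query in emselectByCode()) beside the fix a CodeIgniter 3 developer would apply, as an added illustration that is not the project's own code; the table name `employee`, the column `emcode` and the controller snippet are assumptions, and only the model file, function name and `emid` parameter come from the submission.

```php
<?php
defined('BASEPATH') OR exit('No direct script access allowed');

// Added illustration, not code from the CodeAstro project. Table `employee`
// and column `emcode` are assumptions.
class Employee_model extends CI_Model
{
    // Pattern described in the submission: the raw parameter is spliced into
    // the SQL string, so whatever the client sends becomes part of the query.
    public function emselectByCode_unsafe($emid)
    {
        $sql = "SELECT * FROM employee WHERE emcode = '" . $emid . "'";
        return $this->db->query($sql)->row_array();
    }

    // Hardened form: CodeIgniter query bindings. Each `?` is replaced by the
    // escaped value, so $emid can only ever be compared as data.
    public function emselectByCode($emid)
    {
        $sql = 'SELECT * FROM employee WHERE emcode = ?';
        return $this->db->query($sql, array($emid))->row_array();
    }

    // Equivalent with the Query Builder, which escapes the value itself.
    public function emselectByCodeQB($emid)
    {
        return $this->db->where('emcode', $emid)->get('employee')->row_array();
    }
}

// Controller side (the Update_Earn_Leave endpoint, reconstructed as an
// assumption): validate the shape of emid before it reaches the model, so an
// unexpected value is rejected with a 400 rather than forwarded to MySQL.
class Update_Earn_Leave extends CI_Controller
{
    public function index()
    {
        $this->load->library('form_validation');
        $this->load->model('Employee_model');
        // alpha_dash and max_length are built-in CI3 rules; adjust max_length
        // to the real employee-code format.
        $this->form_validation->set_rules('emid', 'Employee code',
            'required|alpha_dash|max_length[20]');
        if ($this->form_validation->run() === FALSE) {
            show_error('Invalid employee code', 400);
        }
        $row = $this->Employee_model->emselectByCode($this->input->post('emid'));
        // ... continue with the leave update using $row ...
    }
}
```

Input validation is defence in depth only; the binding in emselectByCode() is what removes the injection, and a MySQL slow-query log with a low long_query_time will also surface the abnormally slow requests this class of probing produces.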
Source: https://github.com/ashikmd0507/CVE/tree/main/Time-Based%20Blind%20SQL%20Injection%20in%20Update_Earn_Leave%20via%20emid%20Parameter
User: ashikmd7 (UID 98284)
Submitted: 2026-05-28 07:06 (1 month ago)
Moderated: 2026-06-28 09:51 (1 month later)
Status: Accepted
VulDB Entry: 374533 [CodeAstro Human Resource Management System 1.0 Update_Earn_Leave Endpoint Employee_model.php emselectByCode emid SQL Injection]
Points: 20
