제출 #59872: Sanitization Management System - SQL Injection leads to Unauthorized Admin Access정보

제목Sanitization Management System - SQL Injection leads to Unauthorized Admin Access
설명# Exploit Title: Sanitization Management System - SQL Injection leads to Unauthorized Admin Access # Exploit Author: Naveen Bhambhani # Vendor Name: oretnom23 # Vendor Homepage: https://www.sourcecodester.com/php/15023/stock-management-system-phpoop-source-code.html # Software Link: https://www.sourcecodester.com/php/15023/stock-management-system-phpoop-source-code.html # Version: v1.0 # Tested on: Windows 11 Description:- An SQL injection issue in Sanitization Management System v.1.0 allows an attacker to logged into admin account. ` Payload used:- admin' or 1=1-- ` Parameter:- Username and Password ` Steps to reproduce:- 1. First go the admin login 2. From there in username and password put the payload Payload: admin' or 1=1 3. Now press enter and we get logged in into admin account
사용자
 nhsb (UID 38025)
제출2022. 12. 24. AM 08:33 (4 연령 ago)
모더레이션2022. 12. 24. AM 08:41 (8 minutes later)
상태수락
VulDB 항목216739 [SourceCodester Sanitization Management System 1.0 Admin Login username/password SQL 주입]
포인트들17

Want to know what is going to be exploited?

We predict KEV entries!