Submission #699245: code-projects Employee Profile Management System published November 15, 2025 SQL Injection - Info

Title: code-projects Employee Profile Management System published November 15, 2025 SQL Injection

Description:

Summary
The vulnerability exists in multiple personnel-related components due to improper handling of user input. Several endpoints concatenate user-controlled parameters (per_id, dept_id, term, etc.) directly into SQL statements, allowing attackers to inject arbitrary SQL.

Root Cause
The application builds SQL strings from unsanitized variables (e.g., $_GET['per_id'], $_GET['term']) before calling PDO::prepare(). Because the attacker-controlled fragment is already part of the SQL text at preparation time, no parameter binding takes place and the statement is fully injectable. Example vulnerable pattern found in files such as view_personnel.php, edit_personnel.php, print_personnel_report.php, and delete_department.php:

    $sql = "SELECT * FROM personnel WHERE per_id = ".$_GET['per_id'];
    $stmt = $pdo->prepare($sql);
    $stmt->execute();

Reproduction
1. Navigate to a vulnerable page, for example:
   http://localhost/employee_profile/view_personnel.php?per_id=1
2. Inject an SQL payload into the per_id parameter by modifying the request to:
   http://localhost/employee_profile/view_personnel.php?per_id=1' OR '1'='1--
3. Observe the returned data: the page displays multiple personnel records instead of a single record.

(Optional destructive test — local environment only)
http://localhost/employee_profile/delete_department.php?dept_id=0 OR 1=1--
This causes a mass-delete operation.

Impact
This vulnerability allows attackers to:
- Bypass access control by retrieving all personnel data
- Read sensitive HR records across departments
- Modify or delete arbitrary database entries
- Potentially chain into full system compromise if SQL functions or file writes are permitted

Because the vulnerability exists in both view and delete operations, the impact ranges from information disclosure to complete data loss.
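The root cause above is that the value is spliced into the SQL text before PDO::prepare() runs, so there is nothing left for the driver to bind. The following is an added example, not code from the Employee Profile Management System project: it places the reported concatenation pattern beside a hardened handler that validates per_id/dept_id as integers and passes them as bound parameters, and adds a row-count guard on the delete path. The personnel table and per_id/dept_id column names are taken from the report; the departments table name, the function names and the in-memory SQLite connection used for the demonstration are assumptions.

```php
<?php
declare(strict_types=1);

// Vulnerable shape as described in the report (kept for comparison only):
// the user-controlled value is part of the SQL string before prepare(),
// so prepare() has no placeholder to bind and the input is executed as SQL.
function findPersonnelUnsafe(PDO $pdo, string $perId): array
{
    $sql = "SELECT * FROM personnel WHERE per_id = " . $perId;
    $stmt = $pdo->prepare($sql);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened lookup: validate the identifier's type first, then bind it, so the
// database receives the SQL text and the data value as separate things.
function findPersonnelSafe(PDO $pdo, string $rawPerId): ?array
{
    // per_id is a numeric key; reject anything that is not a positive integer
    // before the database is touched at all.
    $perId = filter_var($rawPerId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($perId === false) {
        return null;
    }
    $stmt = $pdo->prepare("SELECT * FROM personnel WHERE per_id = :per_id");
    $stmt->bindValue(':per_id', $perId, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hardened delete (assumed 'departments' table): validated integer, bound
// parameter, and a transaction that is rolled back if more than one row would
// be affected, so a future logic slip cannot turn into a mass delete.
function deleteDepartmentSafe(PDO $pdo, string $rawDeptId): int
{
    $deptId = filter_var($rawDeptId, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($deptId === false) {
        throw new InvalidArgumentException('dept_id must be a positive integer');
    }
    $pdo->beginTransaction();
    $stmt = $pdo->prepare("DELETE FROM departments WHERE dept_id = :dept_id");
    $stmt->bindValue(':dept_id', $deptId, PDO::PARAM_INT);
    $stmt->execute();
    $affected = $stmt->rowCount();
    if ($affected > 1) {
        $pdo->rollBack();
        throw new RuntimeException("refusing to delete $affected departments for one id");
    }
    $pdo->commit();
    return $affected;
}

// Demonstration against an in-memory SQLite database with constructed sample data.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE personnel (per_id INTEGER PRIMARY KEY, name TEXT)");
$pdo->exec("INSERT INTO personnel VALUES (1, 'Alice'), (2, 'Bob'), (3, 'Carol')");
$pdo->exec("CREATE TABLE departments (dept_id INTEGER PRIMARY KEY, name TEXT)");
$pdo->exec("INSERT INTO departments VALUES (1, 'HR'), (2, 'Finance')");

// The tautology from the report's delete example, applied to the lookup path:
// the unsafe function returns every row, the safe one rejects the input outright.
$tautology = "0 OR 1=1";
printf("unsafe lookup rows: %d\n", count(findPersonnelUnsafe($pdo, $tautology)));
var_dump(findPersonnelSafe($pdo, $tautology));
var_dump(findPersonnelSafe($pdo, "2"));
printf("departments deleted for id 2: %d\n", deleteDepartmentSafe($pdo, "2"));
printf("departments deleted for tautology: ");
try {
    deleteDepartmentSafe($pdo, $tautology);
} catch (InvalidArgumentException $e) {
    echo "rejected (" . $e->getMessage() . ")\n";
}
```

The point to take from the two lookup functions is that PDO::prepare() only protects values supplied through placeholders; a string that already contains the user's input is just a query. Validating the type up front (FILTER_VALIDATE_INT) is a second, independent layer: it lets the endpoint fail fast with a clean 4xx-style error instead of handing malformed ids to the database, and the row-count guard on the delete path limits the blast radius of any future mistake in that query.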
Source: https://github.com/shenxianyuguitian/employee-management-SQL
User: xuanyuesanshi (UID 88126)
Submitted: 2025-11-21 08:22 AM (5 months ago)
Moderation: 2025-12-06 06:19 PM (15 days later)
Status: Accepted
VulDB Entry: 334613 [code-projects Employee Profile Management System 1.0 /view_personnel.php per_id SQL Injection]
Points: 20
