| Title | code-projects Online Voting System in PHP 1.0 SQL Injection |
|---|---|
| Description | A SQL Injection vulnerability exists in the vote submission functionality of Online Voting System in PHP version 1.0. The endpoint `saveVote.php` is publicly accessible without authentication and processes voter data through a `test_input()` function that applies `htmlspecialchars()` without the `ENT_QUOTES` flag, leaving single quotes unescaped. All four POST parameters are concatenated directly into an INSERT query:<br>`$name = test_input($_POST["voterName"]);`<br>`$email = test_input($_POST["voterEmail"]);`<br>`$voterID = test_input($_POST["voterID"]);`<br>`$selection = test_input($_POST["selectedCandidate"]);`<br>`$sql = "INSERT INTO db_evoting.tbl_users VALUES(null,'".$name."','".$email."','".$voterID."','".$selection."');";`<br>An unauthenticated attacker can manipulate the SQL logic to insert arbitrary records into the voter table, inject malicious data, or cause database errors by breaking the query structure. |
| Source | https://gist.github.com/c4ttr4ck/a29b2238099fa07b4f072c21123b55ef |
| User | c4ttr4ck (UID 75518) |
| Submitted | 2026-06-02 08:18 PM (1 month ago) |
| Moderation | 2026-07-03 08:31 PM (1 month later) |
| Status | Accepted |
| VulDB Entry | 376162 [code-projects Online Voting System 1.0 /saveVote.php test_input voterName/voterEmail/voterID/selectedCandidate SQL Injection] |
| Points | 20 |
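A hardened form of the vote-insert logic described in the entry, added here as an example (it is not code from the project or from the VulDB submission). It assumes an open `mysqli` connection `$conn` to the `db_evoting` database and keeps the positional `VALUES(null, ...)` form because the report does not name the table's columns; the function names `saveVote` and `escapeForHtml` and the sample input are constructed for the example.

```php
<?php
declare(strict_types=1);
// Added example: hardened replacement for the saveVote.php insert described above.
// Assumption: $conn is an open mysqli connection to the db_evoting database.

/**
 * Insert a vote with a prepared statement. HTML escaping (test_input) is not a
 * SQL defence: the driver binds each value separately, so a quote in any field
 * is stored literally and cannot change the statement's structure.
 */
function saveVote(mysqli $conn, array $post): bool
{
    $fields = ['voterName', 'voterEmail', 'voterID', 'selectedCandidate'];
    $values = [];
    foreach ($fields as $field) {
        if (!isset($post[$field]) || !is_string($post[$field]) || trim($post[$field]) === '') {
            throw new InvalidArgumentException("missing or empty field: {$field}");
        }
        $values[] = trim($post[$field]);
    }

    // Positional VALUES list kept from the original query (the report does not
    // name the columns); the placeholders are bound, never concatenated.
    $stmt = $conn->prepare('INSERT INTO db_evoting.tbl_users VALUES (NULL, ?, ?, ?, ?)');
    if ($stmt === false) {
        throw new RuntimeException('prepare failed: ' . $conn->error);
    }
    $stmt->bind_param('ssss', $values[0], $values[1], $values[2], $values[3]);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

/**
 * HTML-encode a value for display only. ENT_QUOTES is passed explicitly so a
 * single quote becomes &#039; on every PHP version (it joined the default flags
 * only in PHP 8.1). This protects page output; it is not a SQL defence.
 */
function escapeForHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

// Constructed sample: a legitimate name with a single quote, which the original
// concatenated query could not store without breaking the statement.
$sample = ['voterName' => "O'Brien", 'voterEmail' => 'obrien@example.com',
           'voterID' => 'V-1001', 'selectedCandidate' => 'Candidate A'];
// saveVote($conn, $sample);  // needs the $conn assumed above
echo escapeForHtml($sample['voterName']), PHP_EOL;
```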