**Title:** Project Worlds File Management System unknown Login Bypass via SQL injection

**Description:**

### **Vendor and Product Information:**
- **Vendor:** Project Worlds
- **Product:** File Management System
- **Product URL:** [**File Management System**](https://www.sourcecodester.com/php/13333/file-management-system-very-complete-using-phpmysqli.html)
### **Executive Summary:**
A SQL injection vulnerability has been identified in the login mechanism of the application. This vulnerability allows an attacker to bypass authentication and gain unauthorized access to user accounts. The vulnerability was discovered during security testing, and this report provides details on the issue, its impact, and recommended remediation steps.
### Issue Details:
- **Vulnerability Name:** SQL Injection (SQLi) via Login Form
- **Severity:** High
- **URL:** http://localhost/Complaint%20Management%20System/users/index.php
- **HTTP Method:** POST
### Issue Description:
The web application's login form is vulnerable to SQL injection (SQLi). An attacker can exploit it by manipulating the username parameter of the HTTP POST request to inject SQL syntax. In the provided example, the attacker appends **`' or '1' = '1' -- -`** to the username parameter, producing a WHERE clause that always evaluates to true, so the login succeeds without valid credentials and grants unauthorized access to the application.
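As an added illustration (not code from the product or from the submitter), the concatenated login query the advisory describes is shown beside a parameterized version. The users table is modelled in Python on an in-memory SQLite database with constructed accounts; the real product uses PHP/MySQLi and its code is not on this page.

```python
import hashlib
import hmac
import sqlite3

# Constructed sample accounts for the demo (assumption: the product's own
# schema and rows are not shown on the page).
SAMPLE_USERS = [("admin", "S3cret!"), ("alice", "hunter2")]

# The username value quoted in the advisory.
PAYLOAD = "' or '1' = '1' -- -"


def _digest(password: str) -> str:
    # Unsalted SHA-256 stands in for the legacy app's hashing; a real fix
    # would also migrate to a salted, slow hash (e.g. hashlib.scrypt).
    return hashlib.sha256(password.encode()).hexdigest()


def make_db() -> sqlite3.Connection:
    """Create the in-memory users table with the constructed accounts."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, "
                "username TEXT, password_hash TEXT)")
    con.executemany("INSERT INTO users (username, password_hash) VALUES (?, ?)",
                    [(u, _digest(p)) for u, p in SAMPLE_USERS])
    return con


def login_vulnerable(con, username, password):
    """The pattern the advisory describes: user input is concatenated into
    the SQL text, so a quote plus a comment marker rewrites the WHERE clause
    and the password condition is never evaluated."""
    query = ("SELECT username FROM users WHERE username = '" + username +
             "' AND password_hash = '" + _digest(password) + "'")
    row = con.execute(query).fetchone()
    return row[0] if row else None


def login_hardened(con, username, password):
    """Fix: bind the username as a query parameter so it is only ever data,
    then verify the password in application code with a constant-time compare."""
    row = con.execute("SELECT username, password_hash FROM users "
                      "WHERE username = ?", (username,)).fetchone()
    if row is None or not hmac.compare_digest(row[1], _digest(password)):
        return None
    return row[0]
```

With `PAYLOAD` as the username and any password, `login_vulnerable` returns the first account while `login_hardened` returns `None`; SQLite treats `--` as a line comment just as MySQL does with `-- ` (hence the trailing `-` in the payload), so the model reproduces the behaviour the advisory reports.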

- **Source:** https://toradah.notion.site/Login-Bypass-via-SQL-injection-b1e45264f6104bc696836ade6e60fb98?pvs=4
- **User:** torada (UID 61170)
- **Submission:** 02/23/2024 09:36 (2 years ago)
- **Moderation:** 02/23/2024 11:54 (2 hours later)
- **Status:** Accepted
- **VulDB entry:** 254622 [SourceCodester Complete File Management System 1.0 Login Form users/index.php Username sql injection]
- **Points:** 17