Submit #818539: sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0 Time-Based Blind SQL Injectioninfo

Titlesambitraj STUDENT-MANAGEMENT-SYSTEM 1.0 Time-Based Blind SQL Injection
DescriptionThe login endpoints for admin, student, and teacher users all construct the authentication query by directly embedding the user‑supplied `email` parameter into a SQL string, enclosed only by single quotes: ```php $query = "select * from admin where email = '$_POST[email]'"; ``` No sanitisation, escaping, or parameterisation is applied. Although the direct result of the query is not reflected on the page (preventing simple bypass via the login form – see false‑positive note), the SQL statement is still executed by the database server. This makes the applications fully vulnerable to time‑based blind SQL injection. An attacker can craft payloads that cause the database to delay its response (e.g., using SLEEP()) and, based on the response time, infer sensitive data from the database.
Source⚠️ https://github.com/sambitraj/STUDENT-MANAGEMENT-SYSTEM/issues/2
User
 fortuneh2c (UID 97063)
Submission05/03/2026 22:34 (2 months ago)
Moderation05/29/2026 19:06 (26 days later)
StatusAccepted
VulDB entry367289 [sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0 Login Page email sql injection]
Points20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!