| Title | code-projects Online Voting System in PHP 1.0 SQL Injection |
|---|
| Description | A SQL Injection vulnerability exists in the vote submission functionality of Online Voting System in PHP version 1.0.
The endpoint saveVote.php is publicly accessible without authentication and processes voter data through a test_input() function that applies htmlspecialchars() without the ENT_QUOTES flag, leaving single quotes unescaped. All four POST parameters are directly concatenated into an INSERT query:
$name= test_input($_POST["voterName"]);
$email= test_input($_POST["voterEmail"]);
$voterID= test_input($_POST["voterID"]);
$selection= test_input($_POST["selectedCandidate"]);
$sql= "INSERT INTO db_evoting.tbl_users VALUES(null,'".$name."','".$email."','".$voterID."','".$selection."');";
An unauthenticated attacker can manipulate the SQL logic to insert arbitrary records into the voter table, inject malicious data, or cause database errors by breaking the query structure. |
|---|
| Source | ⚠️ https://gist.github.com/c4ttr4ck/a29b2238099fa07b4f072c21123b55ef |
|---|
| User | c4ttr4ck (UID 75518) |
|---|
| Submission | 06/02/2026 20:18 (1 month ago) |
|---|
| Moderation | 07/03/2026 20:31 (1 month later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 376162 [code-projects Online Voting System 1.0 /saveVote.php test_input voterName/voterEmail/voterID/selectedCandidate sql injection] |
|---|
| Points | 20 |
|---|