Submission #846328: code-projects Online Voting System in PHP 1.0 SQL Injection - Info

Title: code-projects Online Voting System in PHP 1.0 SQL Injection
Description: SQL Injection vulnerability exists in the admin authentication mechanism of Online Voting System in PHP version 1.0. The application defines a test_input() function intended to sanitize user input, but it calls htmlspecialchars() without the ENT_QUOTES flag. By default, htmlspecialchars() only encodes double quotes ("), leaving single quotes (') unescaped. As a result, the POST parameters adminUserName and adminPassword are interpolated unsanitized into a SELECT query:

    $sql= "SELECT * FROM db_evoting.tbl_admin WHERE admin_username='".$admin_username."' AND admin_password='".$admin_password."'";
    $query= mysqli_query($conn, $sql);
    if(mysqli_num_rows($query)==1) {
        header("location:cpanel.php");
    }

An attacker can inject a SQL comment to cancel the password condition and gain access to the admin panel without valid credentials.

Proof of Concept (PoC): Below is a POST request demonstrating authentication bypass via SQL Injection in the adminUserName parameter:

    POST /authentication.php HTTP/1.1
    Host: localhost
    Content-Type: application/x-www-form-urlencoded

    adminUserName=admin'-- -&adminPassword=anything
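As an added example (not the project's code), a hardened version of the authentication.php login that binds the submitted credentials as prepared-statement parameters instead of splicing them into the SQL string. It assumes $conn is an open mysqli connection and that tbl_admin.admin_password stores a password_hash() digest; that storage format is an assumption, since the original compares the raw password inside the WHERE clause.

```php
<?php
// Added example, not the project's own code. Assumes $conn is a mysqli
// connection and that admin_password holds password_hash() output.
session_start();
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

// Note on the original test_input(): htmlspecialchars() is output encoding
// for HTML. Passing ENT_QUOTES makes it encode ' as well (PHP 8.1 made that
// the default), but it is still not a SQL escaping function, so the fix is
// to stop building SQL from strings at all.

function adminLogin(mysqli $conn, string $username, string $password): bool
{
    // The placeholder is bound as data, never parsed as SQL text, so an
    // input such as admin'-- - is looked up literally and simply not found.
    $stmt = $conn->prepare(
        'SELECT admin_password FROM db_evoting.tbl_admin '
        . 'WHERE admin_username = ? LIMIT 1'
    );
    $stmt->bind_param('s', $username);
    $stmt->execute();
    $stmt->bind_result($storedHash);
    $found = $stmt->fetch();
    $stmt->close();

    // Verify the password in PHP against the stored hash; an unknown user
    // and a wrong password both fail the same way.
    return $found === true && password_verify($password, $storedHash);
}

$username = $_POST['adminUserName'] ?? '';
$password = $_POST['adminPassword'] ?? '';

if (adminLogin($conn, $username, $password)) {
    // Rotate the session id on privilege change before granting admin.
    session_regenerate_id(true);
    $_SESSION['admin_username'] = $username;
    header('Location: cpanel.php');
    exit; // stop execution after the redirect
}

http_response_code(401);
echo 'Invalid credentials';
```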
Source: https://gist.github.com/c4ttr4ck/ed954dc2e3da968eb460a18385146f4c
User: c4ttr4ck (UID 75518)
Submitted: 02/06/2026 20:17 (1 month ago)
Moderated: 03/07/2026 20:31 (1 month later)
Status: accepted
VulDB Entry: 376161 [code-projects Online Voting System up to 0.x/1.0 Login /authentication.php test_input adminUserName/adminPassword SQL Injection]
Points: 20
