| 标题 | code-projects Online Application System For Admission In PHP 1.0 SQL Injection |
|---|
| 描述 | A SQL Injection vulnerability exists in the Online Application System for Admission in PHP within the admission form processing functionality.
The vulnerability occurs in the following endpoint:
/OnlineApplicationSystem_PHP/enrollment/admsnform.php
The application processes numerous parameters submitted through an HTTP POST request during the admission process. One of these parameters, detid, is user-controlled and is used by the backend application without proper input validation or sanitization.
Testing confirmed that the detid parameter is vulnerable to time-based SQL injection, indicating that attacker-supplied SQL expressions are interpreted and executed by the database engine.
In the provided request, the attacker injects a delay-based SQL payload using the SLEEP() function:
detid='+(select*from(select(sleep(20)))a)+'
When this request is processed by the application, the server response is delayed by approximately 20 seconds, confirming that the injected SQL query is executed by the database.
This demonstrates that the application directly incorporates user input into SQL queries without using prepared statements or parameterized queries.
Because the parameter is not properly sanitized, attackers can manipulate the SQL query structure and execute arbitrary SQL commands. |
|---|
| 来源 | ⚠️ https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/SQL%20Injection%20in%20Online%20Application%20System%20for%20Admission%20PHP%20detid%20Parameter.md |
|---|
| 用户 | AhmadMarzouk (UID 95993) |
|---|
| 提交 | 2026-03-23 17時59分 (24 日前) |
|---|
| 管理 | 2026-04-05 22時46分 (13 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 355437 [code-projects Online Application System for Admission 1.0 Endpoint admsnform.php SQL注入] |
|---|
| 积分 | 20 |
|---|