| 标题 | code-projects Employee Management System in PHP 1.0 SQL Injection |
|---|
| 描述 | The Employee Management System in PHP v1.0 is vulnerable to a SQL Injection vulnerability in the authentication functionality.
The vulnerability exists in the following endpoint:
/370project/process/eprocess.php
The application processes login requests using the mailuid and pwd parameters supplied via an HTTP POST request. The mailuid parameter is directly incorporated into backend SQL queries without proper validation, sanitization, or parameterized query handling.
Because the application fails to neutralize special SQL characters, attackers can inject malicious SQL code into the login request. This allows manipulation of the SQL query structure and execution of arbitrary SQL commands.
During testing, a time-based SQL injection payload was successfully executed:
'+(select*from(select(sleep(20)))a)+'
When this payload is submitted, the server response is delayed by approximately 20 seconds, confirming that the injected SQL query is executed by the database.
This demonstrates a time-based blind SQL injection vulnerability in the authentication mechanism. |
|---|
| 来源 | ⚠️ https://github.com/ahmadmarz10-hub/CVEsMarz/blob/main/SQL%20Injection%20in%20Employee%20Management%20System%20PHP%20mailuid%20Parameter.md |
|---|
| 用户 | AhmadMarzouk (UID 95993) |
|---|
| 提交 | 2026-04-07 10時39分 (21 日前) |
|---|
| 管理 | 2026-04-26 09時08分 (19 days later) |
|---|
| 状态 | 已接受 |
|---|
| VulDB条目 | 359638 [code-projects Employee Management System 1.0 Endpoint eprocess.php pwd SQL注入] |
|---|
| 积分 | 20 |
|---|