Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Authentication Bypass Prevention through SQL Injection #2
Dear Repository maintainer,
Hope you are going well and had a Merry Christmas.
Administrator/index.php,user/index.php(fix): Added mysqli_real_escape_string function to prevent authentication bypass issues for Administrator/user logins.
Without applying this temporary fix, it is possible for users to bypass authentication pages for user/ and Administrator/ and login as any user without knowing the password. PoC can be provided if required.
Please note that in future, use of Prepared statements in PHP is a better/more secure fix and will help to remove any other instances of sql injection.
I would like to release the PoC exploit after 2 weeks (14 days) - could you please let me know on manasmbellani@gmail if you have any queries, concerns or issues with the requested fix. I would recommend pulling this branch version and updating to the latest as soon as possible.
I will also be requesting a CVE number via CVE Mitre for this bug.
Wish you a very Happy New Year!
Thanks and Kind Regards,