- SQL-Injection Bypass Authentication on PHPGURUKUL Employee Record Management System 1.2.
SQL-Injection Bypass Authentication Vulnerabilities found in PHPGURUKUL Employee Record Management System 1.2. The attacker can log in as an admin account of this system and can destroy, change or manipulate all sensitive information on this system.
- Vulnerable parameters:
app:index.php
username
Password
<?php
session_start();
include('includes/dbconnection.php');
if(isset($_POST['login']))
{
$uname=$_POST['username'];
$Password=$_POST['Password'];
$query=mysqli_query($con,"select ID from tbladmin where AdminuserName='$uname' && Password='$Password' ");
$ret=mysqli_fetch_array($query);
if($ret>0){
$_SESSION['aid']=$ret['ID'];
header('location:welcome.php');
}
else{
echo "Invalid Details";
}
}
?>UJUmDrY0EhGhTMvbbJPqyrY+XhWS7E9JwjJj59U6OmCYUujEEpyuMWODRplwUVe5Etfn0kZ6BzCoFR1Y7MuGbp/vrDmmSwhvv40GdXPH1cCWiT702Ds7+f8n6TBgV05dnZTMvCNoOkoy/Z3de840yrQpURB8nVAaTWPX37S/YAM6iLjPQLKJ9cSZmyRGEDiFH1h6BDt1JiNJ1B9AbjsqPsT9Lt+lRBIDqocjdMP8sxkF7Xpyg9zpQ8keHeMZ6X26ejqTK6lZ3BFSZnQS3FLLEKGFzkEL3eqQW6EDfRvUl95ZrLjacBSvjABS3wYwh5RGRkT4NMnpTkkcpJl9A5K7K6HAusXmc/2U2rvTbvYgpSKsBDZ/B6dPJsw7cfO8oCjZsvV/vVnc6U4yXRvv8TILqtBN4dVMuiANnIavvDIodO1R8wgnIgpiwSkL3TpGqrrX/qrEUp9Fq5OYs4gIJz5d/5RML+u8IFAhvcfxLAOUZ6YQV9RG45eWXerjGcpyFEY2SjEbLVYUBT87e+f4yiEbvYLKtMVraSzPBohWHI7Xc+f1hJMq0rcNGzqcTyL+H1wtib2Dc9sBCEb5FzXf3/xmTgqpiZA85fhErQaFSvVxaYlZGR/Tu/vOxPvlq9DVPg5lzL0xkDTQpodKzD/xGqKsqQE6LjRkhw4xYp0pEMrBl0jsU4BCPHKeWLdBY6kevPmbATlS5CNDOdpS0NaNT8t7kC5v3LJaY6DIsFKvY74kZ+ehRZv77Wx1Zg0wt0CO4H+H