Download the source code from
line: 9
The POST parameter txtsearch is received and assigned to $txtsearch
line: 172-186
<?php
$event_query = $conn->query("select * from sub_event where event_name like '%$txtsearch%'") or die(mysql_error());
$menum_row = $event_query->rowcount();
if( $menum_row > 0){ ?>
<h3>Sub Events</h3>
<?php
while ($event_row = $event_query->fetch())
{
$search_mainevent_id=$event_row['mainevent_id'];
$search_subevent_id=$event_row['subevent_id'];
?>
Because the string entered by the user is not filtered and is concatenated directly into the SQL statement, a SQL injection vulnerability results. It can cause serious harm to the system.
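A hardened form of the search query above, as an added example that is not the project's own code. It assumes $conn is a PDO connection (the excerpt's fetch() and rowcount() calls suggest this); search_sub_events() is a hypothetical helper, and the in-memory SQLite table and its rows are constructed so the script runs stand-alone.

```php
<?php
// Added example: parameterized replacement for the sub_event search.
// search_sub_events() is a hypothetical helper, not a function from the project.
function search_sub_events(PDO $conn, string $txtsearch): array
{
    // Escape the LIKE wildcards so a "%" or "_" typed by the user matches
    // literally. "!" is used as the escape character because it needs no
    // special quoting in either MySQL or SQLite string literals.
    $term = str_replace(['!', '%', '_'], ['!!', '!%', '!_'], $txtsearch);

    // The placeholder keeps user input out of the SQL text entirely:
    // the driver sends it as data, never as part of the statement.
    $stmt = $conn->prepare(
        "SELECT mainevent_id, subevent_id, event_name
           FROM sub_event
          WHERE event_name LIKE :term ESCAPE '!'"
    );
    $stmt->execute([':term' => '%' . $term . '%']);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed stand-in for the application's database.
$conn = new PDO('sqlite::memory:');
$conn->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$conn->exec("CREATE TABLE sub_event (
    subevent_id  INTEGER PRIMARY KEY,
    mainevent_id INTEGER,
    event_name   TEXT)");
$conn->exec("INSERT INTO sub_event (mainevent_id, event_name) VALUES
    (1, 'Solo Singing'), (1, 'Men''s Dance'), (2, '100% Talent')");

// Constructed inputs: a normal term, a term with a quote, a term with a
// wildcard, and a term containing a quote plus SQL keywords. With the
// bound parameter, each one is only ever compared against event_name.
foreach (["Sing", "Men's", "100%", "x' OR '1'='1"] as $input) {
    $rows = search_sub_events($conn, $input);
    printf("%-16s -> %d row(s)\n", $input, count($rows));
    foreach ($rows as $row) {
        // Encode on output too; event names are stored user-controlled data.
        echo '  ', htmlspecialchars($row['event_name'], ENT_QUOTES, 'UTF-8'), "\n";
    }
}
```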
Use Burp Suite for vulnerability verification:
Use sqlmap for vulnerability verification:



