ଜମା କରନ୍ତୁ #59422: School Dormitory Management System - SQL Injection "Unauthorized Admin Access"ସୂଚନା

ଶୀର୍ଷକ	School Dormitory Management System - SQL Injection "Unauthorized Admin Access"
ବର୍ଣ୍ଣନା	# Exploit Title: School Dormitory Management System - SQL Injection "Unauthorized Admin Access" # Exploit Author: Madhur Jain # Vendor Name: oretnom23 # Vendor Homepage: https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html # Software Link: https://www.sourcecodester.com/php/15319/school-dormitory-management-system-phpoop-free-source-code.html # Version: v1.0 # Tested on: Windows 10, Apache Description:- A SQL Injection issue in School Dormitory Management System v.1.0 allows an attacker to login as an admin account ` Payload used:- admin' or 1=1 -- ` Parameter":- Username Password ` Steps to reproduce:- 1. Lets go to admin login 2. Now in that User and password we insert our payload 3. As we can see we got logged in into admin account 4. The attack get admin panel access
ଉପଭୋକ୍ତା	Madhur Jain (UID 37979)
ଦାଖଲ	12/22/2022 05:47 PM (3 ବର୍ଷ ବର୍ଷ ago)
ମଧ୍ୟମ ଧରଣର	12/25/2022 08:30 PM (3 days later)
ସ୍ଥିତି	ଗ୍ରହଣ କରାଯାଇଛି
VulDB ଏଣ୍ଟ୍ରି	216775 [SourceCodester School Dormitory Management System 1.0 Admin Login SQL ଇଞ୍ଜେକ୍ସନ]
ପଏଣ୍ଟ	17

Do you need the next level of professionalism?

Upgrade your account now!