Schools Alert Management Script 2.0.2 Authentication Bypass

2018.02.28

Credit: Prasenjit Kanti Paul

Risk: Medium

Local: No

Remote: Yes

CVE: CVE-2018-6859

CWE: CWE-89

CVSS Base Score: 7.5/10

Impact Subscore: 6.4/10

Exploitability Subscore: 10/10

Exploit range: Remote

Attack complexity: Low

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

 ######################################################################################
# Exploit Title: Schools Alert Management Script - 2.0.2 - Authentication Bypass
# Date: 07.02.2018
# Vendor Homepage: https://www.phpscriptsmall.com/
# Software Link: https://www.phpscriptsmall.com/product/schools-alert-management-system/
# Category: Web Application
# Exploit Author: Prasenjit Kanti Paul
# Web: http://hack2rule.wordpress.com/
# Version: 2.0.2
# Tested on: Linux Mint
# CVE: CVE-2018-6859
#######################################################################################
Proof of Concept
=================
1. Go to login page
2. Choose Student/Parent/Management to login
2. put [admin' OR '1' = '1] as user and password field
3. You will be logged in as Student/Parent/Management

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Schools Alert Management Script 2.0.2 Authentication Bypass

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.