Registration & Login and User Management System With admin panel - SQL Injection (Auth Bypass)

2021.07.19

Aryan Chehreghani (IR)

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

# Exploit Title: User Registration & Login and User Management System With admin panel - SQL Injection (Auth Bypass)
# Date: 2021-07-01
# Exploit Author: Aryan Chehreghani
# Vendor Homepage: https://phpgurukul.com
# Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/
# Version: 2.1
# Tested on: Windows 10

SQL Injection:
Injection flaws, such as SQL, NoSQL, and LDAP injection, occur when
untrusted data is sent to an interpreter as part of a command or query. The
attacker’s hostile data can trick the interpreter into executing unintended
commands or accessing data without proper authorization.

Attack vector:
An attacker can gain admin panel access using malicious sql injection queries.

Steps to reproduce:
1) Open admin login page using following URl:
"http://localhost/loginsystem/admin"

2) Now put the payload below the Username and password field.
Payload: admin' or '1'='1 and you will be successfully logged In as Admin without any credentials.

==============================================
TAPESH DIGITAL SECURITY TEAM IRAN T.ME/ICTUS_TM  |  تیم امنیت سایبری تپش

See this note in RAW Version

Vote for this issue:

75%

25%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Registration & Login and User Management System With admin panel - SQL Injection (Auth Bypass)

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.