COVID19 Testing Management System 1.0 – SQL Injection (Auth Bypass)

  • Author: Rohit Burke
    Date: 2021-05-19
  • Category:
    Platform:
  • Source: https://www.exploit-db.com/exploits/49886/
  • # Exploit Title: COVID19 Testing Management System 1.0 - SQL Injection (Auth Bypass)
    # Date: 19/05/2021
    # Exploit Author: Rohit Burke
    # Vendor Homepage: https://phpgurukul.com
    # Software Link: https://phpgurukul.com/covid19-testing-management-system-using-php-and-mysql/
    # Version: 1.0
    # Tested on: Windows 10
    
    SQL Injection:
    Injection flaws, such as SQL, NoSQL, and LDAP injection, occur when
    untrusted data is sent to an interpreter as part of a command or query. The
    attacker’s hostile data can trick the interpreter into executing unintended
    commands or accessing data without proper authorization.
    
    Attack vector:
    An attacker can gain admin panel access using malicious SQL injection queries.
    
    Steps to reproduce:
    1) Open the admin login page using the following URL:
    "http://localhost/covid-tms/login.php"
    
    2) Now enter the payload below in the Username and Password fields.
    Payload: admin' or '1'='1
    You will be successfully logged in as Admin without any credentials.
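
The following added example shows why the payload above passes a login query built by string concatenation, and how a bound parameter combined with a hash check in PHP rejects it. It is not code from the application or from the advisory: the table, column and function names are hypothetical, and an in-memory SQLite database stands in for MySQL so that it runs offline.

```php
<?php
// Added illustration. Schema and function names are hypothetical, not taken
// from the application's source; SQLite in-memory stands in for MySQL.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tbladmin (
    id INTEGER PRIMARY KEY,
    username TEXT UNIQUE,
    password TEXT,        -- plaintext column, used only by the vulnerable pattern
    password_hash TEXT    -- password_hash() output, used by the hardened pattern
)');
$sample = 'constructed-sample-password';   // constructed test credential
$ins = $db->prepare('INSERT INTO tbladmin (username, password, password_hash) VALUES (?, ?, ?)');
$ins->execute(['admin', $sample, password_hash($sample, PASSWORD_DEFAULT)]);

// Vulnerable pattern: both inputs become part of the SQL text, so a quote
// in either field changes the structure of the WHERE clause.
function login_concatenated(PDO $db, string $user, string $pass): bool
{
    $sql = "SELECT id FROM tbladmin WHERE username='$user' AND password='$pass'";
    return $db->query($sql)->fetch() !== false;
}

// Hardened pattern: the username is bound as data, and the password is
// verified in PHP against the stored hash instead of inside the query.
function login_prepared(PDO $db, string $user, string $pass): bool
{
    $stmt = $db->prepare('SELECT password_hash FROM tbladmin WHERE username = ?');
    $stmt->execute([$user]);
    $hash = $stmt->fetchColumn();
    return is_string($hash) && password_verify($pass, $hash);
}

$payload = "admin' or '1'='1";   // payload quoted in the advisory above
$cases = [
    'payload in both fields' => [$payload, $payload],
    'wrong password'         => ['admin', 'guess'],
    'correct password'       => ['admin', $sample],
];
foreach ($cases as $label => [$u, $p]) {
    printf("%-24s concatenated=%-5s prepared=%s\n", $label,
        var_export(login_concatenated($db, $u, $p), true),
        var_export(login_prepared($db, $u, $p), true));
}
```

With the payload in both fields the concatenated WHERE clause ends in `or '1'='1'` and matches every row, while the prepared version looks for a user literally named `admin' or '1'='1` and finds none.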