
# Exploit Title: Bank Locker Management System - SQL Injection
# Application: Bank Locker Management System
# Date: 12.09.2023
# Bugs: SQL Injection
# Exploit Author: SoSPiro
# Vendor Homepage: https://phpgurukul.com/
# Software Link: https://phpgurukul.com/bank-locker-management-system-using-php-and-mysql/
# Tested on: Windows 10 64 bit Wampserver
## Description:
This report highlights a critical SQL Injection vulnerability discovered in the "Bank Locker Management System" application. The vulnerability allows an attacker to bypass authentication and gain unauthorized access to the application.
## Vulnerability Details:
- **Application Name**: Bank Locker Management System
- **Software Link**: [Download Link](https://phpgurukul.com/bank-locker-management-system-using-php-and-mysql/)
- **Vendor Homepage**: [Vendor Homepage](https://phpgurukul.com/)
## Vulnerability Description:
The SQL Injection vulnerability is present in the login mechanism of the application. By providing the following payload in the login and password fields:
Payload: admin' or '1'='1-- -
An attacker can gain unauthorized access to the application with administrative privileges.
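To make the mechanism concrete from the defender's side, the following added example (not part of the advisory, and not the vendor's code) rebuilds the login check against an in-memory SQLite table with a constructed schema and constructed credentials. It shows the query text that results when the advisory's payload is pasted into a string-built statement, why that statement matches the existing admin row without a valid password, and the parameterised form that treats the same input as plain data. The table name, column names and the `looks_like_injection_attempt` logging heuristic are assumptions for this example only.

```python
import sqlite3

# Payload quoted in the advisory, supplied in both login fields.
PAYLOAD = "admin' or '1'='1-- -"

# Constructed credentials for the toy database; not taken from the advisory.
ADMIN_USER = "admin"
ADMIN_PASSWORD = "constructed-secret"


def build_db() -> sqlite3.Connection:
    """In-memory stand-in for the application's admin table (schema constructed here)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE admin (id INTEGER PRIMARY KEY, username TEXT, password TEXT)")
    # The toy schema keeps the password in clear text so the two query builders stay
    # directly comparable; a real application stores a password hash, which is a
    # separate control from the parameterisation demonstrated below.
    conn.execute(
        "INSERT INTO admin (username, password) VALUES (?, ?)",
        (ADMIN_USER, ADMIN_PASSWORD),
    )
    return conn


def render_vulnerable_query(username: str, password: str) -> str:
    """The broken pattern: user input is pasted into the SQL text.

    With the advisory's payload the single quote closes the username literal,
    so the following `or` is parsed as an operator of the WHERE clause rather
    than as characters of a username. The row for an existing 'admin' account
    then matches regardless of what the password comparison evaluates to.
    """
    return (
        "SELECT id, username FROM admin "
        f"WHERE username='{username}' AND password='{password}'"
    )


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str):
    """Returns the matched admin row (id, username) or None, using the string-built query."""
    return conn.execute(render_vulnerable_query(username, password)).fetchone()


def login_fixed(conn: sqlite3.Connection, username: str, password: str):
    """Hardened form: bound parameters keep the input as data, never as SQL grammar."""
    return conn.execute(
        "SELECT id, username FROM admin WHERE username=? AND password=?",
        (username, password),
    ).fetchone()


def looks_like_injection_attempt(field_value: str) -> bool:
    """Logging heuristic for an alerting rule on login fields: a quote together with
    an OR keyword or a comment marker. This is for visibility only; parameterised
    queries are the fix, and this check must not be relied on as a control."""
    lowered = field_value.lower()
    return "'" in lowered and (" or " in lowered or "--" in lowered)


if __name__ == "__main__":
    conn = build_db()
    print(render_vulnerable_query(PAYLOAD, PAYLOAD))
    print("string-built login   ->", login_vulnerable(conn, PAYLOAD, PAYLOAD))
    print("parameterised login  ->", login_fixed(conn, PAYLOAD, PAYLOAD))
    print("worth logging?       ->", looks_like_injection_attempt(PAYLOAD))
```

Running the block prints the rewritten WHERE clause, returns the admin row from the string-built query, and returns nothing from the parameterised one for the same input; the only code change needed on the application side is the move from string interpolation to bound parameters.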
## Proof of Concept (PoC):
1. Visit the application locally at http://blms.local (assuming it's hosted on localhost).
2. Navigate to the "banker" directory: http://blms.local/banker/
3. In the login and password fields, input the following payload:

   admin' or '1'='1-- -