AMTT Hotel Broadband Operation System SQL Injection Vulnerability

A SQL injection vulnerability has been identified in AMTT Hotel Broadband Operation System version 1.0. The issue arises in the file '/user/portal/get_expiredtime.php', where the 'uid' parameter can be manipulated to inject SQL commands. This vulnerability can be exploited remotely, potentially allowing attackers to gain unauthorized access to server privileges.

Impact

Exploitation of this vulnerability allows for SQL injection, which could lead to unauthorized data access or manipulation, and in some cases, could be used to execute administrative operations on the database or application server.

Reproduction

The vulnerability can be reproduced by sending a GET request to '/user/portal/get_expiredtime.php' with a crafted 'uid' parameter that includes SQL injection payloads. This can be done using a web browser or a tool like curl or Postman.