Shawon100 RUET OJ SQL Injection Vulnerability in POST Request Handler

Vulnerability

A SQL injection vulnerability has been identified in the POST Request Handler component of the shawon100 RUET OJ application. It affects all releases up to the commit 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. The flaw is in the process.php file, where the 'un' parameter can be manipulated to inject SQL into the query the application runs. It can be exploited remotely and without any authentication, allowing attackers to interfere with the application's database operations.
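
The flaw class described above beside its fix, as an added example that is not the project's process.php. Only the 'un' POST parameter comes from the advisory; the schema, database account and function names are assumptions.

```php
<?php
// Added illustration; not code from shawon100 RUET OJ.
// Assumptions: table users(username, password_hash), DB name/account, function names.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on DB errors

// Pattern the advisory describes: 'un' is concatenated into the SQL text, so the
// server parses request data as part of the statement. Shown for contrast only.
function find_user_vulnerable(mysqli $db, string $un): ?array
{
    $res = $db->query("SELECT username, password_hash FROM users WHERE username = '$un'");
    return $res->fetch_assoc() ?: null;
}

// Hardened form: the statement text is fixed and 'un' travels as a bound value,
// so it is only ever compared as data.
function find_user(mysqli $db, string $un): ?array
{
    if ($un === '' || strlen($un) > 64) {   // length limit is an assumed policy
        return null;
    }
    $stmt = $db->prepare('SELECT username, password_hash FROM users WHERE username = ?');
    $stmt->bind_param('s', $un);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc(); // get_result() needs the mysqlnd driver
    $stmt->close();
    return $row ?: null;
}

if (($_SERVER['REQUEST_METHOD'] ?? '') === 'POST') {
    $un = $_POST['un'] ?? '';
    if (!is_string($un)) {                  // un[]=x arrives as an array; reject it
        http_response_code(400);
        exit;
    }
    // Placeholder connection details; use an account limited to the rights the page needs.
    $db = new mysqli('127.0.0.1', 'oj_app', getenv('OJ_DB_PASS') ?: '', 'oj');
    $db->set_charset('utf8mb4');
    $user = find_user($db, $un);
    http_response_code($user === null ? 401 : 200);
    echo $user === null ? 'Invalid credentials' : 'User found';
}
```

Every other query in the handler that takes request data needs the same bound-parameter treatment; fixing 'un' alone leaves sibling parameters exposed if they are built the same way.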

Impact

Exploitation of this vulnerability allows for unauthorized SQL injection, enabling attackers to manipulate database queries and potentially access, modify, or delete database information.

Reproduction

To reproduce this vulnerability, send a POST request to the process.php file with a crafted 'un' parameter. The injection can be time-based, using SQL commands that cause a delay in the response, which can be measured to confirm the injection's success. Exploitation can be automated with tools like sqlmap to extract database information.

Added: Oct 27, 2025, 9:23 PM
Updated: Oct 27, 2025, 9:23 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 8.7
remediation: 0.0
relevance: 0.8
threat: 6.4
urgency: 2.9
incentive: 5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.