Shawon100 RUET OJ SQL Injection Vulnerability in details.php

Vulnerability

A SQL injection vulnerability has been identified in the Shawon100 RUET OJ application, specifically in versions up to 18fa45b0a669fa1098a0b8fc629cf6856369d9a5. The issue lies in an unknown function of the file details.php, where manipulating the 'ID' parameter leads to SQL injection. The vulnerability can be exploited remotely, and a public exploit is available. The application follows a rolling release model, so specific version details for affected or updated releases are not provided.

Impact

The flaw is exploitable as a time-based blind SQL injection: by manipulating the 'ID' parameter, an attacker can execute arbitrary SQL commands. This could lead to unauthorized data access or modification, such as dumping the entire database.

Reproduction

To reproduce this vulnerability, send a GET request to details.php with a crafted 'ID' parameter that includes a SQL injection payload. The injection can be time-based, using commands that cause a delay in the response, such as 'AND SLEEP(5)'. Exploitation can be automated with tools like SQLMap, targeting the 'ID' parameter to extract database information.
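
A defender-side check for the request pattern described above, as an added example that is not part of the original advisory or the RUET OJ code base: it scans web access logs for details.php requests whose 'ID' value is non-numeric or contains a delay function, and notes when the response was also slow. The log layout (combined format with the request duration appended), the assumption that legitimate IDs are plain integers, the 4-second threshold and all sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Assumed layout: combined access log with the request duration in seconds
# appended as the last field (for example nginx $request_time).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "GET (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) .* (?P<secs>\d+(?:\.\d+)?)$'
)
DELAY_RE = re.compile(r'\b(?:sleep|benchmark)\s*\(', re.IGNORECASE)
NUMERIC_RE = re.compile(r'[0-9]+')  # assumption: a legitimate ID is an integer

SAMPLE_LOG = [  # constructed lines, not taken from a real server
    '192.0.2.10 - - [27/Oct/2025:22:01:03 +0000] "GET /details.php?ID=7 HTTP/1.1" 200 5120 "-" "Mozilla/5.0" 0.041',
    '198.51.100.7 - - [27/Oct/2025:22:01:09 +0000] "GET /details.php?ID=7%20AND%20SLEEP(5) HTTP/1.1" 200 5120 "-" "sqlmap/1.x" 5.046',
    '198.51.100.7 - - [27/Oct/2025:22:01:15 +0000] "GET /details.php?ID=7%20AND%201=1 HTTP/1.1" 200 5120 "-" "sqlmap/1.x" 0.039',
    '192.0.2.10 - - [27/Oct/2025:22:01:20 +0000] "GET /index.php?ID=abc HTTP/1.1" 200 900 "-" "Mozilla/5.0" 0.020',
]

def classify(line, slow_secs=4.0):
    """Return (client_ip, reasons) for a suspicious details.php request, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    url = urlsplit(m["target"])
    if not url.path.lower().endswith("/details.php"):
        return None
    reasons = []
    # parse_qsl percent-decodes values, so encoded payloads are inspected in clear.
    for name, value in parse_qsl(url.query, keep_blank_values=True):
        if name.lower() != "id":
            continue
        if not NUMERIC_RE.fullmatch(value):
            reasons.append("non-numeric ID")
        if DELAY_RE.search(value):
            reasons.append("delay function in ID")
    # A slow response only counts when the ID value was already suspicious.
    if reasons and float(m["secs"]) >= slow_secs:
        reasons.append("slow response")
    return (m["ip"], reasons) if reasons else None

def suspicious(lines):
    """Classify every line and keep only the flagged requests."""
    return [hit for hit in map(classify, lines) if hit]

if __name__ == "__main__":
    for ip, reasons in suspicious(SAMPLE_LOG):
        print(ip, ", ".join(reasons))
```

A request that carries all three reasons means the delay actually took effect on the server, which separates a working injection from a blocked probe.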

Added: Oct 27, 2025, 10:23 PM
Updated: Oct 27, 2025, 10:23 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 6.6
remediation: 0.0
relevance: 0.9
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.