Code-Projects Simple Attendance Record System SQL Injection Vulnerability
Vulnerability
A SQL injection vulnerability has been identified in Code-Projects Simple Attendance Record System version 2.0. The issue is in the check.php file, where the 'student' parameter is taken directly from user input via the POST method and concatenated into an SQL query without proper sanitization. This flaw allows attackers to inject arbitrary SQL commands, potentially leading to unauthorized data access or manipulation. The vulnerability can be exploited remotely, and a public exploit is available.
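The concatenation flaw described above, shown next to its parameterized fix. This is an added example and not the application's code: the table, columns and sample rows are constructed, and an in-memory SQLite database accessed through PDO stands in for the real database, which the page does not show.

```php
<?php
// Added example, not the application's code. Table `attendance`, its columns,
// and the sample rows are constructed; check.php's real query is not on the page.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE attendance (student TEXT, day TEXT, status TEXT)');
$db->exec("INSERT INTO attendance VALUES ('alice', '2024-01-08', 'present'),
                                         ('o''brien', '2024-01-08', 'absent')");

// Pattern the advisory describes: the POSTed value becomes part of the SQL text.
function lookup_concatenated(PDO $db, string $student): array
{
    $sql = "SELECT day, status FROM attendance WHERE student = '" . $student . "'";
    return $db->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Fix: the statement text is constant and the value is bound as a parameter.
function lookup_bound(PDO $db, string $student): array
{
    // Length bound is an assumed policy, applied before the database is touched.
    if ($student === '' || strlen($student) > 64) {
        throw new InvalidArgumentException('invalid student value');
    }
    $stmt = $db->prepare('SELECT day, status FROM attendance WHERE student = :student');
    $stmt->execute([':student' => $student]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// A legitimate value containing a quote is enough to show the difference:
// the concatenated query no longer parses, so the input reached the SQL parser.
$input = "o'brien"; // stands in for $_POST['student']
try {
    lookup_concatenated($db, $input);
    echo "concatenated: query ran\n";
} catch (PDOException $e) {
    echo "concatenated: SQL error, input was parsed as SQL\n";
}
echo 'bound: ' . json_encode(lookup_bound($db, $input)) . "\n";
```

A quote-induced SQL error on a form field is also a useful signal in application logs when checking whether other endpoints share the same pattern.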
Impact
Exploitation of this vulnerability allows for SQL injection, where an attacker can manipulate SQL queries to access, modify, or delete database information. In this case, the injection could be used to leak sensitive data such as password hashes and private information, or to execute harmful actions like writing a web shell to the server.
Reproduction
To reproduce this vulnerability, send a POST request to /check.php with the 'student' parameter. The value of this parameter should be crafted to include SQL injection payloads, such as those exploiting UNION-based injections or other SQL injection techniques. The server response can be used to verify if the injection was successful.
