DayCloud StudentManage SQL Injection Vulnerability in Login Endpoint
Vulnerability
A critical SQL injection vulnerability has been identified in DayCloud StudentManage version 1.0. The issue arises in the Login Endpoint, specifically within the file '/admin/adminScoreUrl'. The vulnerability allows remote attackers to manipulate the 'query' parameter, leading to unauthorized database access. This exploitation could bypass authentication or extract sensitive information. The vulnerability exists because user input is not properly sanitized before being incorporated into SQL queries.
Impact
Exploitation of this vulnerability allows for SQL injection, enabling attackers to manipulate database queries. This could lead to unauthorized data access, data manipulation, or in some cases, executing administrative operations on the database.
Reproduction
To reproduce this vulnerability, send a request to the '/admin/adminScoreUrl' endpoint with a crafted 'query' parameter that includes malicious SQL code. If the injection is successful, it will be possible to manipulate the SQL query execution, potentially bypassing authentication or extracting data from the database.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.