Date: 2/23/2024

Vendor and Product Information:

Executive Summary:

A SQL injection vulnerability has been identified in the login mechanism of the application. This vulnerability allows an attacker to bypass authentication and gain unauthorized access to user accounts. The vulnerability was discovered during security testing, and this report provides details on the issue, its impact, and recommended remediation steps.

Issue Details:

Issue Description:

The web application is vulnerable to SQL Injection (SQLi) attacks through the login form. An attacker can exploit this vulnerability by manipulating the username parameter in the HTTP POST request to inject malicious SQL code. In the provided example, the attacker appends ' or '1' = '1' -- - to the username parameter, which produces an SQL query whose condition always evaluates to true and therefore grants unauthorized access to the application.
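The flawed query pattern and its parameterized fix, as an added example that is not taken from the application (the report does not show its source). It assumes an in-memory SQLite database standing in for the application's database, and the `users` table, its columns and all function names are hypothetical; the payload is the one quoted above.

```python
import hashlib
import hmac
import sqlite3

# Payload quoted in the report, submitted as the username field.
PAYLOAD = "' or '1' = '1' -- -"

def hash_pw(password):
    # Fixed salt keeps the example short; use a per-user random salt in practice.
    return hashlib.pbkdf2_hmac("sha256", password.encode(), b"demo-salt", 100_000).hex()

def make_db():
    # Constructed sample data; schema is an assumption, not the application's.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, "
               "username TEXT UNIQUE, pw_hash TEXT)")
    db.execute("INSERT INTO users (username, pw_hash) VALUES (?, ?)",
               ("alice", hash_pw("correct horse")))
    return db

def login_vulnerable(db, username, password):
    # Flawed pattern: the username is concatenated into the SQL text, so a
    # quote in the input ends the string literal and the rest is parsed as SQL.
    query = ("SELECT id FROM users WHERE username = '" + username +
             "' AND pw_hash = '" + hash_pw(password) + "'")
    return db.execute(query).fetchone() is not None

def login_parameterized(db, username, password):
    # Fix: the username is bound as a value and never reaches the SQL parser.
    # The password check happens in application code, in constant time.
    row = db.execute("SELECT pw_hash FROM users WHERE username = ?",
                     (username,)).fetchone()
    return row is not None and hmac.compare_digest(row[0], hash_pw(password))

def demo():
    db = make_db()
    return {
        "vulnerable_payload": login_vulnerable(db, PAYLOAD, "anything"),
        "parameterized_payload": login_parameterized(db, PAYLOAD, "anything"),
        "parameterized_valid": login_parameterized(db, "alice", "correct horse"),
        "parameterized_wrong_pw": login_parameterized(db, "alice", "wrong"),
    }

if __name__ == "__main__":
    for case, accepted in demo().items():
        print(f"{case}: {'accepted' if accepted else 'rejected'}")
```
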

Proof of Concept (PoC):

  1. Open the Site: Access the website at http://localhost/Complaint Management System/index.html.
  2. Navigate to the Users Section: Go to the users section of the website by visiting http://localhost/Complaint Management System/users/.
  3. SQL injection via login form: The video shows the successful exploit.

[Video: screen-capture (6).webm]

Payload: