WebDamn User Registration and Login System with User Panel suffers from a remote SQL injection vulnerability that allows for authentication bypass.
27bfbbc180023781023aaa9f613176ea# Exploit Title: WebDamn User Registration & Login System with User Panel - SQLi Auth Bypass
# Date: 18-11-2020
# Exploit Author: Aakash Madaan
# Vendor Homepage: https://webdamn.com/
# Software Link : https://webdamn.com/user-management-system-with-php-mysql/
# Version: N/A (Default)
# Tested on: Windows 10 professional
Steps to reproduce:
1. Open user login page using following URl:
-> http://localhost/login.php <http://localhost/login.html>
2. If attacker get access to valid email address ( leaked data or by any
other means) then he/she can use the email address as follows:
Payload: <email>' OR '1'='1
NOTE: Use the above payload in both username and password fields
3. Server accepts the payload and the attacker is able to bypass the user
login panel with only email address.