Crime Reporting System 1.0 SQL Injection

Crime Reporting System version 1.0 suffers from a remote SQL injection vulnerability.


SHA-256 | 1902656c78a63b63b41bc5b4c913962d3a6e3c4a3052b6bce1691e9bf7782219

# Exploit Title: Crime Reporting System - Blind SQL Injection on Login email parameter 
# Date: 31/07/2022
# Exploit Author: saitamang
# Vendor Homepage: code-projects.org
# Software Link: https://download-media.code-projects.org/2020/07/Online_Crime_Reporting_System_Project_Report_IN_PHP_CSS_Js_AND_MYSQL__FREE_DOWNLOAD.zip
# Version: 1.0
# Tested on: Centos 7 apache2 + MySQL

Crime Reporting System sustained to the attack Blind SQL Injection at the login page on email parameter.

# Payload used --> 'or sleep(5)#

Related Posts