SQL Injection in loginform.php in ProjectWorld's Travel Management System v1.0 allows remote attackers to bypass authentication via SQL Injection in the 'username' and 'password' fields.
An attacker sends a crafted request to the login form (loginform.php), injecting malicious SQL code into the 'username' and 'password' fields. Because the input data is not properly validated or parameterized, the injected SQL code is directly interpreted by the database engine. As a result, the logic of the authentication query is modified in such a way that the attacker gains access to the system without knowing the correct login credentials.
An attacker can completely bypass the authentication mechanism and gain unauthorized access to the application, potentially with administrator privileges. This can lead to breaches of confidentiality, integrity, and availability of data processed by the system.
Manufacturer patches should be applied in accordance with the references provided. Additionally, it is recommended to immediately implement parameterized SQL queries (prepared statements) and input validation in the login form. Until the patch is applied, consider disabling public access to the application.
Projectworlds Travel Management System v1.0 — loginform.php file
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HProjectworlds Travel Management System
APPProjectworlds1.0
Related vulnerabilities
Insecure File Permissions and Arbitrary File Upload in the upload pic function in updatesubcategory.php in Pro...
SQL Injection vulnerability in projectworlds Travel management System v.1.0 allows a remote attacker to execut...
A vulnerability was found in projectworlds Travel Management System 1.0. This issue affects some unknown proce...
A vulnerability has been found in projectworlds Travel Management System 1.0. This vulnerability affects unkno...
A vulnerability was determined in projectworlds Travel Management System 1.0. Impacted is an unknown function ...