Ethical Hacking Automation

Automate Recon and scanning process with Vidoc. All security teams in one place

Employee Management System 1.0 - SQL Injection

By kannthu

Vidoc logoVidoc Module
Author: arafatansari Classification CWE-ID: CWE-89 CVSS-Metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H CVSS-Score: 10 Employee Management System 1.0 contains a SQL injection vulnerability via the username parameter. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. Reference - - Metadata max-request: 1 verified: true

Module preview

Concurrent Requests (1)
1. HTTP Request template
Raw request
Matching conditions
word: Admin Panel, Log Out, Employee Managemen...and
status: 200
Passive global matcher
No matching conditions.
On match action
Report vulnerability