Header Ads Widget

CVE-2025-0842 | Library-Card-System | SQL Injection Admin Login Bypass In admin.php | Found By Maloy Roy Orko

January 19, 2025

Hi All, 

I am Maloy Roy Orko.

Recently in one of my pentest research, I found a Library-Card-System application By Needyamin which is an open source Library-Card-System to print a library card with student information using PHP, MYSQL, JAVASCRIPT.

It is based on the scripting languages of PHP. Library-Card-System is a Library-Card-System using PHP, MYSQL, JAVASCRIPT

Curious to explore its functionalities, I downloaded and set it up in my local system. 

After fiddling with the source code, I found that it did not have any kind of SQL INJECTION Protection in admin.php file.


It can lead into:

  1. Malware Distribution
  2. Data Breach
  3. Web Shell Installation
  4. Reputation Damage

The Main Thing Is,If any NON-IT personal uses this template,he will fall into this vulnerability and his companies reputation can be lost too.Thats why I am trying to inform everyone about this.

  • Title of the Vulnerability: 
  • Library-Card-System | Admin Login Bypass In admin.php | Found By Maloy Roy Orko
  • Vulnerability Class: SQL Injection
  • Product Name: Library-Card-System
  • Vendor: https://github.com/needyamin/
  • Vulnerable Product Link: https://github.com/needyamin/Library-Card-System/
  • Technical Details & Description: The application source code is coded in a way which allows SQL Admin Bypass.It can lead into:
  1. Malware Distribution
  2. Data Breach
  3. Denial of Service (DoS)
  4. Web Shell Installation
  5. Reputation Damage
  • Product & Service Introduction: Library-Card-System
  • Observation & Exploitation: 
Here,The Admin Panel Location Is: 

/admin.php/

Lets Exploit 🌠🗝️🔐:

  1. First,Go To That Panel 
  2. Example: 192.168.0.100:8080/libb/admin.php
  3. Now,Use SQL Injection Payloads To Make The Backend Condition True!
  4. I Will Use: ' or 1=1 limit 1 -- -+

  5. Then,As The Code Has Severe Errors ; Maybe It Will Not Redirect You To Dashboard But As You Have The Session.You Can Enter The Dashboard.
  6. Here Dashboard Is: /admindashboard php/
  7. Example: http://192.168.0.100:8080/libb/admindashboard.php

Conclusion :- 

The main aim of this article is to show that if any NON-IT personal uses this template,he will fall into this vulnerability and his companies reputation can be lost too. But I also hope that it helps to give you ideas of how combi

ning attacks can make them much more potent. 

Tags: