StudentManager
StudentManager copied to clipboard
Hui4401
基于JSP+Servlet的学生管理系统
I detected a sql inject in login.jsp by source code review. In detail, the code in teacherD/studentD.checkAccount concat the username and password with sql, and cause a sql inject. ...
I found a sql inject in one_page_student.findWithId/findWithName. Set a breakpoint as follows:  When I use payload `one_page_student?key=1' or '1'='1`,it hits the breakpoint.   After executing `String sql=...`, `sql`...
I found a arbitrary password reset in student/personal.jsp. When a user modify its information, here is not a check about who it is, and calls update_student_security, updates database columns just...
I found a arbitrary password reset in teacher/personal.jsp. When a user modify its information, here is not a check about who it is, and call update_teacher, update database columns just...
Build this project locally There is a sql registration vulnerability in the login  It is found that there is a splicing of sql statements at the verification login ...
