CVE-2020-23935
published 2020-08-20

CVE-2020-23935: Kabir Alhasan Student Management System 1.0 is vulnerable to Authentication Bypass via "Username: admin'# && Password: (Write Something)".

Priority: P2 (77) · critical 9.8 (CVSS 3.1)
Vector: AV:N / AC:L / PR:N / UI:N / S:U / C:H / I:H / A:H
Exploit: public PoC available
EPSS: 15.93% (96.5th percentile)

Affected (1 range)

Vendor: kabir-m-alhasan
Product: student_management_system
Version range: (not listed)
Fixed in: (not listed)

Detection & IOCs (extracted from sources)

url: http://(HOST)/admin/login.php
url: POST /process.php
path: /process.php
command: U_USERNAME=admin'#&U_PASS=123123&sidebarLogin=
  • Detect SQLi authentication bypass attempts by monitoring POST requests to /process.php containing the SQL comment sequence in the username field: a U_USERNAME value ending with '# (single quote followed by the hash comment operator).
  • Monitor POST requests to /process.php with Content-Type: application/x-www-form-urlencoded for a U_USERNAME parameter containing a single-quote character, indicative of SQL injection.
  • Alert on login attempts to /admin/login.php or /index.php?q=login where the submitted username field contains SQL comment characters (the '# pattern), regardless of the password value.
  • The exploit was tested specifically on Windows with WampServer; behavior or path structure may differ on other hosting environments.
  • Default credentials for the application are admin:admin; deployments that have not changed the defaults are trivially accessible even without SQLi.
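A defender-side check implementing the first three detection bullets above, added here as an example and not taken from the page's sources. The request records, the LOGIN_PATHS set and the classify/scan helpers are constructed assumptions; the check generalizes slightly by also treating the `'--` comment form as a hit.

```python
import re
from urllib.parse import parse_qs

# Constructed sample requests (method, path, form body) standing in for
# a web-server or WAF log. Bodies are URL-encoded as a browser would send them.
SAMPLE_REQUESTS = [
    {"method": "POST", "path": "/process.php",
     "body": "U_USERNAME=admin%27%23&U_PASS=123123&sidebarLogin="},   # the page's payload
    {"method": "POST", "path": "/process.php",
     "body": "U_USERNAME=alice&U_PASS=correcthorse&sidebarLogin="},    # benign login
    {"method": "POST", "path": "/process.php",
     "body": "U_USERNAME=o%27brien&U_PASS=x&sidebarLogin="},           # apostrophe, no comment
    {"method": "GET", "path": "/admin/login.php", "body": ""},        # form fetch, no body
]

# Login handlers whose form submissions should be inspected (assumption: only
# process.php receives the credentials; login.php just serves the form).
LOGIN_PATHS = {"/process.php"}

# Single quote followed by a SQL comment opener: '# (as on this page) or '--.
COMMENT_AFTER_QUOTE = re.compile(r"'\s*(#|--)")


def classify(request):
    """Return 'high' for a quote+comment pattern in U_USERNAME, 'low' for a
    bare single quote, or None when the request is not a login POST or is clean."""
    if request["method"] != "POST" or request["path"] not in LOGIN_PATHS:
        return None
    # parse_qs percent-decodes, so %27%23 becomes '# before matching.
    fields = parse_qs(request["body"], keep_blank_values=True)
    for username in fields.get("U_USERNAME", []):
        if COMMENT_AFTER_QUOTE.search(username):
            return "high"          # matches the bypass payload regardless of U_PASS
        if "'" in username:
            return "low"           # possible probing, or a legitimate O'Brien
    return None


def scan(requests):
    """Return (index, severity, decoded username) for every flagged request."""
    alerts = []
    for i, req in enumerate(requests):
        severity = classify(req)
        if severity:
            user = parse_qs(req["body"], keep_blank_values=True)["U_USERNAME"][0]
            alerts.append((i, severity, user))
    return alerts


if __name__ == "__main__":
    for idx, sev, user in scan(SAMPLE_REQUESTS):
        print(f"request #{idx}: {sev} - U_USERNAME={user!r}")
```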

CVSS provenance

nvd · v3.1 · 9.8 CRITICAL · CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd · v2.0 · 7.5 HIGH · AV:N/AC:L/Au:N/C:P/I:P/A:P