CVE-2020-5510

This exploit demonstrates SQL injection in Hostel Management System 2.0 via the 'id' parameter, leading to remote command execution through SQLi-based OS shell access. The PoC includes payloads for boolean-based, error-based, time-based, and UNION-based SQLi, with evidence of successful file upload and command execution.

This is a writeup describing an unauthenticated SQL injection vulnerability in Hostel Management System 2.0. The vulnerability exists in the 'id' parameter of the 'full-profile.php' file, where user input is directly concatenated into a SQL query without sanitization.