| 제목 | SQL Database Error could lead to SQL Injection in minical v1.0.0 |
|---|
| 설명 | # VULNERABILITY-TYPE : Unchecked Error Condition
# VENDOR OF THE PRODUCT : minical
# AFFECTED PRODUCT : minical/minical
# VERSION: v1.0.0
# ATTACK TYPE : REMOTE
# IMPACT: CODE EXECUTION
# AFFECTED COMPONENTS: SOURCE-CODE(show_bookings)
# ATTACK VECTOR: show_bookings(search_query)
# DESCRIPTION: Minical ,an open-source PMS v1.0.0 suffers from Unchecked Error Condition via search_query
# Vendor Homepage: https://github.com/minical/minical
# Software Link:https://github.com/minical/minical/archive/refs/tags/v1.0.0.zip
# REFERENCE:
1.) https://cwe.mitre.org/data/definitions/391.html
# PROOF_OF_CONCEPT
GITHUB_LINK: https://github.com/ctflearner/Vulnerability/blob/main/MINICAL/minical.md
|
|---|
| 원천 | ⚠️ https://github.com/minical/minical |
|---|
| 사용자 | Affan (UID 39417) |
|---|
| 제출 | 2023. 06. 09. PM 05:30 (3 연령 ago) |
|---|
| 모더레이션 | 2023. 06. 18. AM 09:06 (9 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 231803 [miniCal 1.0.0 /booking/show_bookings/ search_query SQL 주입] |
|---|
| 포인트들 | 20 |
|---|