| Title | SourceCodester Kortex Advocate office Management System (add_act.php) 1.0 Time based SQL injection |
|---|
| Description | Related Code file: /control/add_act_.php
Injection parameter: MULTIPART aname
POST parameter 'MULTIPART aname' is vulnerable.
sqlmap finding:
```
Parameter: MULTIPART aname ((custom) POST)
Type: boolean-based blind
Title: MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause
Payload: -----------------------------8879615583215427378340903645
Content-Disposition: form-data; name="aname"
```
Report link: https://reports-kunull.vercel.app/sourcecodester-advocate-management-system-add-act |
|---|
| Source | ⚠️ https://www.sourcecodester.com/php/17280/advocate-office-management-system-free-download.html |
|---|
| User | Anonymous User |
|---|
| Submission | 07/12/2024 15:37 (2 years ago) |
|---|
| Moderation | 07/13/2024 07:33 (16 hours later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 271402 [SourceCodester Kortex Lite Advocate Office Management System 1.0 /control/add_act.php aname sql injection] |
|---|
| Points | 20 |
|---|