Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

SQL Injection Vulnerabilities #261

Open
xiaoxianghuayu opened this issue Jul 4, 2022 · 2 comments
Open

SQL Injection Vulnerabilities #261

xiaoxianghuayu opened this issue Jul 4, 2022 · 2 comments

Comments

@xiaoxianghuayu
Copy link

There are 2 time-based SQL Injection Vulnerabilities, in /load_data_for_groups.php and /load_data_for_topusers.php respectively.

ENV:
ubuntu14.04
php 5.5.9
mysql 5.5.62

SQL Injection in /load_data_for_groups.php

vulnerable code:

Line16: the $page_size is user controllable and directly used in sql statement which may cause a time-based sql injection

image

POC:

trigger the sql injection(my mysql version is 5.5.62):

image

do not trigger:

image

SQL Injection in /load_data_for_topusers.php

vulnerable code:

Line30: the $page_size is user controllable and directly used in sql statement which may cause a time-based sql injection

image

POC:

trigger the sql injection(my mysql version is 5.5.62):

image

do not trigger:

image

@sqrtZeroKnowledge
Copy link

I confirm, It's blind SQL INJECTION.

@redwinefireplace
Copy link

Kliqqi has been discontinued since 2018. I wouldn't recommend using it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants