
SQL Injection Vulnerability on "order_by" parameter in Rukovoditel-3.2.1 #2

Open
Kubozz opened this issue Oct 15, 2022 · 0 comments

Kubozz commented Oct 15, 2022

Description:
I downloaded Rukovoditel-3.2.1 from https://www.rukovoditel.net/download.php
The SQL Injection vulnerability can be exploited by injecting into the order_by parameter to generate an error and get the query output.

PoC:

  1. Log in to an account
  2. Go to 'rukovoditel/index.php?module=logs/view&type=php'
  3. Apply a search query
  4. Insert an SQLi payload; I get presented with an error message dumping the output of the SQL query

Screenshot:
[image: screenshot]

Request and response:
[image: request and response]

Retrieve the Database Tables:
[image: retrieved database tables]
[image: retrieved database tables]
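The root cause described in this report is a sort parameter being concatenated into the `ORDER BY` clause. Column names cannot be bound as prepared-statement parameters, so the fix is an allowlist. The following is an added illustration, not Rukovoditel's own code; the table `app_logs`, its columns, the `$pdo` connection and the function names are assumed for the example.

```php
<?php
// Added example (not Rukovoditel's code): hardening an "order_by" request parameter.
// Assumed: a PDO connection $pdo and a hypothetical table `app_logs` with the
// columns listed in LOG_SORT_COLUMNS.

// VULNERABLE pattern: the untrusted value becomes part of the SQL text. Any
// syntax error it causes surfaces the driver's message, which is what the
// report's screenshots show; binding alone cannot fix this because a column
// name is not a value.
function logs_vulnerable(PDO $pdo, string $orderBy): array
{
    $sql = "SELECT id, created_at, message FROM app_logs ORDER BY " . $orderBy;
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// HARDENED pattern: map the request value onto fixed, allowlisted column names
// and directions, and build the clause only from those literals.
const LOG_SORT_COLUMNS = ['id', 'created_at', 'message'];
const LOG_SORT_DIRECTIONS = ['asc' => 'ASC', 'desc' => 'DESC'];

function build_order_by(string $column, string $direction, string $default = 'id'): string
{
    // Strict comparison: the request string must equal an allowlisted name exactly.
    $col = in_array($column, LOG_SORT_COLUMNS, true) ? $column : $default;
    // Unknown direction falls back to DESC rather than echoing the input.
    $dir = LOG_SORT_DIRECTIONS[strtolower($direction)] ?? 'DESC';
    // Backticks are safe here because $col is one of the literal allowlisted names.
    return "`{$col}` {$dir}";
}

function logs_hardened(PDO $pdo, string $orderBy, string $direction): array
{
    $sql = "SELECT id, created_at, message FROM app_logs ORDER BY "
         . build_order_by($orderBy, $direction);
    $stmt = $pdo->prepare($sql);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Usage (request values come straight from the query string):
// $rows = logs_hardened($pdo, $_GET['order_by'] ?? 'id', $_GET['dir'] ?? 'desc');
// A value outside the allowlist is replaced by the default, so it never reaches
// the SQL text and cannot produce an error that leaks the query.
```

Separately from the injection itself, the report shows the database error text being returned to the user. Configuring PDO with `PDO::ERRMODE_EXCEPTION`, catching the exception at the controller, logging it server-side and returning a generic error page keeps query details out of the HTTP response even if another unsafe concatenation is found later.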
