Bluecms V1.6 has SQL injection in line 132 of admin/article.php

# Bluecms_v1.6
## Download
http://lp.downcode.com/j_14/j_14745_bluecms.rar
## vulnerability code:
in admin/article.php line132:
![image](https://user-images.githubusercontent.com/73650154/180907799-b1e21d1e-1547-437e-b432-c78657ead087.png)
There is numeric injection for $_GET['id']
Because there is no echo, you can blind SQL injection with sleep()
payload: id=1%20or%20if(1=1,sleep(1),0)
![image](https://user-images.githubusercontent.com/73650154/180907921-b6ac972f-7eb7-4e00-a463-6c55432d3d96.png)
payload: id=1%20or%20if(1=2,sleep(1),0)
![image](https://user-images.githubusercontent.com/73650154/180907898-db359d18-2660-4b39-ace8-1f28d8fc34fb.png)
sleep () is executed based on the server response speed
Use exp to get the database version number
![image](https://user-images.githubusercontent.com/73650154/180939779-b6f8f05a-413d-4cca-b58d-33403dbcd2c3.png)



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bluecms V1.6 has SQL injection in line 132 of admin/article.php #1

Bluecms_v1.6

Download

vulnerability code:

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development