Headline
CVE-2023-1461: SourceCodester Canteen Management System createCategories.php sql injection_@sec的博客-CSDN博客
A vulnerability was found in SourceCodester Canteen Management System 1.0. It has been declared as critical. This vulnerability affects the function query of the file createCategories.php. The manipulation of the argument categoriesStatus leads to sql injection. The attack can be initiated remotely. VDB-223306 is the identifier assigned to this vulnerability.
@sec 于 2023-03-17 15:43:46 发布 11 收藏
版权声明:本文为博主原创文章,遵循 CC 4.0 BY-SA 版权协议,转载请附上原文出处链接和本声明。
SourceCodester Canteen Management System createCategories.php sql injection
url: youthappam/php_action/createCategories.php
Abstract:
Line 15 of createCategories.php invokes a SQL query built with input that comes from an untrusted source. This call could allow an attacker to modify the statement’s meaning or to execute arbitrary SQL commands.
Explanation:
SQL injection errors occur when:
- Data enters a program from an untrusted source.
- The data is used to dynamically construct a SQL query.
In this case, the data is passed to query() in createCategories.php on line 15.
Parameter: categoriesStatus (POST)
Type: time-based blind
Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
Payload:
categoriesName=11&categoriesStatus=11' AND (SELECT 1775 FROM (SELECT(SLEEP(5)))taVZ) AND 'yuus'='yuus
Download Code:
https://www.sourcecodester.com/php/15688/canteen-management-system-project-source-code-php.html